Community discussions

MikroTik App

Search found 7120 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 24
by holvoetn
Tue Dec 24, 2024 11:48 am
Forum: General
Topic: access to MKT even though its offline
Replies: 3
Views: 189

Re: access to MKT even though its offline

Just wondering ... how does that VPN work then without internet connectivity ?
by holvoetn
Tue Dec 24, 2024 11:16 am
Forum: Containers
Topic: Container on arm
Replies: 1
Views: 120

Re: Container on arm

Check this recent thread with exact the same environment.
It was about a Python environment.

viewtopic.php?t=213024
by holvoetn
Tue Dec 24, 2024 10:43 am
Forum: Wireless Networking
Topic: HAP ax3 : still support 2.4G standard B or not ?
Replies: 2
Views: 168

Re: HAP ax3 : still support 2.4G standard B or not ?

It is even advisable to make a separate slave interface with settings only for those devices and make sure it's properly shielded from the rest of your network (firewall, vlan, ... whatever you like, as long as it is done).
by holvoetn
Tue Dec 24, 2024 12:08 am
Forum: General
Topic: hap ax3 random wireless disconnects
Replies: 153
Views: 19720

Re: hap ax3 random wireless disconnects

Or a very recent change of default setting.
by holvoetn
Mon Dec 23, 2024 10:25 pm
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 264
Views: 86345

Re: v7.17rc [testing] is released!

Doubtful IMHO.
There is a confirmed bug with container startup crashing the whole system.
That needs to be fixed or it will be a very eventful release.
by holvoetn
Mon Dec 23, 2024 3:17 pm
Forum: Wireless Networking
Topic: WiFi Access Points Maxes at 300mbps D/L
Replies: 18
Views: 794

Re: WiFi Access Points Maxes at 300mbps D/L

If you are testing from PC1 wireless to PC2, you are not really passing Hex. It stays on that switch. What sort of switch is it ? Simple test since both ether4 and ether5 are on the same bridge: remove that switch from the mix. remove/disable bridge2 (to be sure HW offloading is fully active on the ...
by holvoetn
Mon Dec 23, 2024 3:04 pm
Forum: Wireless Networking
Topic: WiFi Access Points Maxes at 300mbps D/L
Replies: 18
Views: 794

Re: WiFi Access Points Maxes at 300mbps D/L

Thank you for this diagram.

Where is the iperf server ?

Also, you did not mention in your initial post you have THREE WAN connections to ISP ?
Which device is using which WAN connection ?

Ether5/LAN2 is not being used for the moment ?
by holvoetn
Mon Dec 23, 2024 2:47 pm
Forum: Wireless Networking
Topic: WiFi Access Points Maxes at 300mbps D/L
Replies: 18
Views: 794

Re: WiFi Access Points Maxes at 300mbps D/L

(moved post with config into this thread since you replied in another thread, from 2023) Please also add drawing how you test your iperf setup. From which device to which port on Hex, which port from Hex to which other device. Same with wireless AP, what port is it being connected to ? Quick comment...
by holvoetn
Mon Dec 23, 2024 2:39 pm
Forum: Wireless Networking
Topic: WiFi Access Points Maxes at 300mbps D/L
Replies: 18
Views: 794

Re: WiFi Access Points Maxes at 300mbps D/L

Already several times it has been hinted to show your config although the info you provide, does not seem to indicate an issue with the wired part. Even if you add a non-MT AP into the mix, it is still a wired device for your Hex. However ...if from wired to wired you "only" get around 820...
by holvoetn
Sun Dec 22, 2024 2:58 pm
Forum: General
Topic: hAP ax Lite LTE - problems with connection
Replies: 3
Views: 253

Re: hAP ax Lite LTE - problems with connection

Couple of quick comments
Disable detect internet. Really.
Adjust lease time of dhcp server. 10 minutes is really too short. 30m is default, I use 1hr or even 4hr.
Set in APN use default route.
by holvoetn
Fri Dec 20, 2024 10:23 pm
Forum: RouterBOARD hardware
Topic: 5009 version with wifi ?
Replies: 62
Views: 3629

Re: 5009 version with wifi ?

For routing performance rule of thumb is 512 byte packets, 25 filter rules.
That should give you a rough idea about real-life performance.
by holvoetn
Fri Dec 20, 2024 10:21 pm
Forum: Wireless Networking
Topic: Rx/Tx 54 mbps on WIndows but not MAC OS
Replies: 4
Views: 314

Re: Rx/Tx 54 mbps on WIndows but not MAC OS

If it works after you disconnect and reconnect the client and it works with your Mac, there is nothing wrong with the router, I would think.
It's your Windoooos client playing tricks on you :D

What wifi card is in that box ?
What version of Windows ?
by holvoetn
Fri Dec 20, 2024 5:37 pm
Forum: Beginner Basics
Topic: Adding USB 2,5Gbe ethernet adapter to RB5009UG
Replies: 8
Views: 1791

Re: Adding USB 2,5Gbe ethernet adapter to RB5009UG

How does it help? There will be still only 1Gb ports on Chateau.
Apologies, my response was directed to OP with RB5009.
by holvoetn
Fri Dec 20, 2024 3:04 pm
Forum: Beginner Basics
Topic: Adding USB 2,5Gbe ethernet adapter to RB5009UG
Replies: 8
Views: 1791

Re: Adding USB 2,5Gbe ethernet adapter to RB5009UG

Or put a 2.5Gb / 10Gb switch in the mix ?

Even with bonding you will never saturate 2 links if only 1 stream is passing.
by holvoetn
Fri Dec 20, 2024 2:57 pm
Forum: Beginner Basics
Topic: cAP AX No internet...
Replies: 1
Views: 250

Re: cAP AX No internet...

I think with quickset you should be able to change those things.
And most likely two subnets using the same IP range will indeed be the problem.
by holvoetn
Fri Dec 20, 2024 9:31 am
Forum: General
Topic: Questions related to "Using RouterOS to VLAN your network"
Replies: 2
Views: 351

Re: Questions related to "Using RouterOS to VLAN your network"

(mod edit: post split from article to keep discussion separate. If needed/useful, can be merged again later) My take on things: 1- what is the question ? 2- what is the question ? 3- Tagged ports are indeed filtering based on VLAN ids. 4- Your base problem here might be that you are not aware a brid...
by holvoetn
Fri Dec 20, 2024 8:09 am
Forum: General
Topic: No routes networks on RB912-LTE (2004) with EC200A modem
Replies: 2
Views: 431

Re: No routes networks on RB912-LTE (2004) with EC200A modem

Already checked with support ?
by holvoetn
Fri Dec 20, 2024 8:08 am
Forum: General
Topic: VPN with restrictions
Replies: 2
Views: 237

Re: VPN with restrictions

High level
Q1: create VPN and using firewall rules and VPN interface in forward chain restrict access to only 1 destination device (allow to one dest, drop all the rest coming from that interface).

Q2: similar approach.

What VPN are you planning to add ?
by holvoetn
Fri Dec 20, 2024 6:36 am
Forum: Wireless Networking
Topic: cAP ax - Multiple SSID + VLAN - No CAPsMAN - No DHCP
Replies: 1
Views: 240

Re: cAP ax - Multiple SSID + VLAN - No CAPsMAN - No DHCP

With legacy wireless adding capsman layer makes things indeed more complex. Not that much with wave2 drivers (95% is exactly the same) but you are correct that for 1 AP it's not worth the extra effort. A small drawing with your intended setup adding how VLANs should flow might help. And of course co...
by holvoetn
Thu Dec 19, 2024 11:53 pm
Forum: General
Topic: Can I filter on L2?
Replies: 2
Views: 284

Re: Can I filter on L2?

Most likely switch ACL rules.

Check this thread for more background info.
viewtopic.php?t=203589
by holvoetn
Thu Dec 19, 2024 11:27 pm
Forum: Beginner Basics
Topic: RB5009 in the hands of a newbie, Gateway problem
Replies: 17
Views: 1183

Re: RB5009 in the hands of a newbie, Gateway problem

Now plug in your laptop into ether9, change ipv4 settings to 192.168.65.2 and you should be in!!!
Don't think so.
Not on RB5009 with 8 ether ports :lol:
by holvoetn
Thu Dec 19, 2024 9:03 pm
Forum: Wireless Networking
Topic: Adding new wAP AX to network and setting up CAPsMAN
Replies: 4
Views: 468

Re: Adding new wAP AX to network and setting up CAPsMAN

I could track it down and note that it has an issue related to datapath and vlan setup. In short, it only work when provision vlan is the same as mgmt vlan. Cap AX and wAP AX are identical as far as vlan setup is concerned. Only major difference is the swapping of radios, wifi1 and wifi2. Best to c...
by holvoetn
Thu Dec 19, 2024 1:10 pm
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 264
Views: 86345

Re: v7.17rc [testing] is released!

Known issue. They are working on it.
by holvoetn
Thu Dec 19, 2024 8:59 am
Forum: General
Topic: Is my routerboard RB750r2 Bricked? No response from router for netinstall
Replies: 4
Views: 362

Re: Is my routerboard RB750r2 Bricked? No response from router for netinstall

You did use ether1 to connect your RB ?
Sometimes it helps to put a dumb switch in between.
by holvoetn
Wed Dec 18, 2024 9:58 pm
Forum: Virtualization
Topic: Looking for CloudHosted VPS host
Replies: 6
Views: 506

Re: Looking for CloudHosted VPS host

I use IsHosting.
CHR VPS for 5 EUR /month with fixed ip4.
I am using it as wireguard gateway only for now.
by holvoetn
Wed Dec 18, 2024 6:45 pm
Forum: General
Topic: Tag Stacking
Replies: 3
Views: 347

Re: Tag Stacking

by holvoetn
Wed Dec 18, 2024 3:20 pm
Forum: General
Topic: The IP of the bridge is occasionally unavailable
Replies: 13
Views: 622

Re: The IP of the bridge is occasionally unavailable

Check Bridge STP priority as well if STP/RSTP/MSTP is used.
Core switch should have lowest priority.

See here for more info:
https://help.mikrotik.com/docs/spaces/R ... ionprocess
by holvoetn
Wed Dec 18, 2024 2:23 pm
Forum: General
Topic: Traffic Accounting
Replies: 7
Views: 468

Re: Traffic Accounting

I have to search for it (again) but there was someone a couple of years ago who made a really nifty script which would do all the collecting and processing and send out info via mail per period you could specify yourself. Used it for SXT LTE6 setup in South of France to track data usage for vacation...
by holvoetn
Wed Dec 18, 2024 11:49 am
Forum: Wireless Networking
Topic: AP identity not "reboot safe"
Replies: 4
Views: 407

Re: AP identity not "reboot safe"

That sounds like a genuine bug.
Definitely something to report.

And ... good analysis !!
by holvoetn
Wed Dec 18, 2024 10:13 am
Forum: Wireless Networking
Topic: CapsMan - can't get 20Mhz channels on 2.4Ghz [SOLVED]
Replies: 6
Views: 555

Re: CapsMan - can't get 20Mhz channels on 2.4Ghz [SOLVED]

What's the idea behind "subsettings" part of config ? To apply it to Jasmine Home ? Doesn't work that way. You apply through provisioning a master config (and if needed slave config) to a radio. All info for that config needs to be in that master config (either directly, either via sub-sec...
by holvoetn
Wed Dec 18, 2024 9:18 am
Forum: General
Topic: Traffic Accounting
Replies: 7
Views: 468

Re: Traffic Accounting

The Mikrotik V6 firmware still has a traffic accounting menu, meaning the Mikrotik V7 firmware has been renamed to Kid Control.
That's what I said, didn't I ?
Can kid control monitor client device IP address traffic
Yes.
by holvoetn
Wed Dec 18, 2024 8:43 am
Forum: General
Topic: CHR WireGuard Issues [SOLVED]
Replies: 2
Views: 333

Re: CHR WireGuard Issues [SOLVED]

We've all been there :lol:
by holvoetn
Wed Dec 18, 2024 8:20 am
Forum: Wireless Networking
Topic: AP identity not "reboot safe"
Replies: 4
Views: 407

Re: AP identity not "reboot safe"

Some formatting issue on the CAP Name or some naming convention which has not been documented or ... ??

I am seeing the same with all my APs under capsman (7.16.2: AX Lite, wAP AX and AX2).
Also in Winbox GUI it shows.

If it bothers you, make ticket to support so they can investigate root cause.
by holvoetn
Wed Dec 18, 2024 8:12 am
Forum: General
Topic: Traffic Accounting
Replies: 7
Views: 468

Re: Traffic Accounting

It has been renamed to IP / Kid Control.
by holvoetn
Wed Dec 18, 2024 8:09 am
Forum: Beginner Basics
Topic: I bought my first Mikrotik Device.
Replies: 2
Views: 402

Re: I bought my first Mikrotik Device.

Problem is similar with AX Lite. 64bit processor, 32-bit OS. Main reason they gave is that the device does not have enough memory to justify use of 64-bit. Using 64-bit means larger memory usage of OS itself (64-bit instead of 32-bit pointers) which is then wasted on that device. As far as running R...
by holvoetn
Tue Dec 17, 2024 11:44 pm
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 264
Views: 86345

Re: v7.17rc [testing] is released!

While perhaps the older ac chipset cannot directly handle VLAN in hardware... It is a nice try, but the UBNT accesspoints I use at work use the same QCA9984 chip as is used in older MikroTik AC hardware, but it fully supports VLAN assignment per client... and I don't think that would be a software ...
by holvoetn
Tue Dec 17, 2024 8:33 pm
Forum: Beginner Basics
Topic: RouterOS without CAPsMAN?
Replies: 5
Views: 700

Re: RouterOS without CAPsMAN?

8)
You're not the first and surely will not be the last.
by holvoetn
Tue Dec 17, 2024 6:26 pm
Forum: General
Topic: Route traffic behind double NAT
Replies: 14
Views: 812

Re: Route traffic behind double NAT

Obviously you need to move that rule to the top of NAT rules ...
And make sure connection track table is empty or reset MT device (or wait).
by holvoetn
Tue Dec 17, 2024 6:15 pm
Forum: General
Topic: Route traffic behind double NAT
Replies: 14
Views: 812

Re: Route traffic behind double NAT

Maybe this ?

/ip firewall nat
add action=src-nat chain=srcnat dst-address=10.0.1.0/24 out-interface=ether1 to-addresses=10.0.2.1

Reverse for the other side.
by holvoetn
Tue Dec 17, 2024 6:07 pm
Forum: RouterBOARD hardware
Topic: 5009 version with wifi ?
Replies: 62
Views: 3629

Re: 5009 version with wifi ?

CRS = switch. It has routing capabilities but not much. You're most likely looking for CCR then. And then prices go up up up. E.g. CCR2004-16G-2S+ 16 Gb ethernet ports, 2SFP+ cages, PLENTY of power. No Wifi. No passive cooling. There is even a version with 12x SFP+ cages and 2x 25G SFP cages. Does t...
by holvoetn
Tue Dec 17, 2024 4:42 pm
Forum: General
Topic: cache full, not storing since 7.14
Replies: 37
Views: 15243

Re: cache full, not storing since 7.14

Even better to not allow anything from WAN except VPN and established,related,etc.
Oh wait ... that's done by default firewall rules ... :o
by holvoetn
Tue Dec 17, 2024 4:28 pm
Forum: General
Topic: Route traffic behind double NAT
Replies: 14
Views: 812

Re: Route traffic behind double NAT

You're correct, I missed that line.
by holvoetn
Tue Dec 17, 2024 3:59 pm
Forum: Beginner Basics
Topic: HP 107W AirPrint Problem
Replies: 1
Views: 244

Re: HP 107W AirPrint Problem

It has been a while since I played with it but AFAIK default hotspot should have some firewall rules to prevent access between clients. Right before that rule which blocks access, you should add a rule to allow access to that specific printer. To be 100% sure, make sure it has a fixed IP lease so yo...
by holvoetn
Tue Dec 17, 2024 2:48 pm
Forum: General
Topic: Route traffic behind double NAT
Replies: 14
Views: 812

Re: Route traffic behind double NAT

So you have a VPN tunnel between Mikrotik A and Mikrotik B ? Which one ? Answers based on not seeing your config: What interface list is that VPN tunnel in ? I assume nothing. 2 short options: explicitly allow traffic via firewall coming from that tunnel on both Mikrotik devices or add VPN interface...
by holvoetn
Tue Dec 17, 2024 2:24 pm
Forum: Wireless Networking
Topic: wAP ax?
Replies: 267
Views: 32457

Re: wAP ax?

Going through brick, glass and roof and still getting 216Mb is not too shabby, if you ask me ...
Only thing I found annoying is for some reason mode is changed after every reboot from station bridge to station...
That shouldn't happen.
Which ROS version ?
by holvoetn
Tue Dec 17, 2024 12:49 pm
Forum: RouterBOARD hardware
Topic: 5009 version with wifi ?
Replies: 62
Views: 3629

Re: 5009 version with wifi ?

MikroTik isn't really in 2.5G yet. Yes there are some devices with a single 2.5G port and an SFP that can do 2.5G, but what you really would want is a device like the 5009 but with several 2.5G (UTP) ports. And probably some switches too. And then for the router probably with wireless as well. They...
by holvoetn
Tue Dec 17, 2024 11:52 am
Forum: Wireless Networking
Topic: No CAPsMan forwarding on new CAPsMan?
Replies: 17
Views: 1145

Re: No CAPsMan forwarding on new CAPsMan?

If understand correctly, I need to configure each AP as a static VLAN device. Will the config hold long term? Meaning, if there will be update, will it crash? Yes. Yes. Normally not :lol: (depends on how MT will proceed with memory requirements for ROS7 and wifi-qcom-ac package because on those AC-...
by holvoetn
Tue Dec 17, 2024 11:27 am
Forum: RouterBOARD hardware
Topic: Correct 10G spf+ cable
Replies: 5
Views: 616

Re: Correct 10G spf+ cable

I read that for the router RB5009UG+S+i you can't use a direct attached copper spf+ cable. I can't find any documentation. I wish to connect this to a mikrotic CRS317-1G-16S+RM switch which can use DAC. Can someone shed some light on what cable I should use? Brad And where did you read that ? Mikro...
by holvoetn
Tue Dec 17, 2024 11:14 am
Forum: RouterBOARD hardware
Topic: 5009 version with wifi ?
Replies: 62
Views: 3629

Re: 5009

Every version of rb5009 has SFP+ port but there is NO version of RB5009 with wifi.
Basic chip used on that platform doesn't support wifi.

It is what it is.
by holvoetn
Tue Dec 17, 2024 11:04 am
Forum: RouterBOARD hardware
Topic: 5009 version with wifi ?
Replies: 62
Views: 3629

Re: 5009

Now you are changing requirements... you said you needed replacement.
RB2011 doesn't have any 2.5Gb ports.

There are no routers with at least 2x 2.5Gb ports AND wifi, not even when considering using 1 SFP+ as 2.5Gb port.
You need 2 devices then.
by holvoetn
Tue Dec 17, 2024 10:56 am
Forum: RouterBOARD hardware
Topic: 5009 version with wifi ?
Replies: 62
Views: 3629

Re: 5009

You mean RB5009 WITH Wifi ? I hope that version never comes...

Drop-in replacement for 2011 is L009, there is version with or without wifi.
And it's fanless.
by holvoetn
Tue Dec 17, 2024 10:43 am
Forum: Beginner Basics
Topic: Need help setting up a hAP ax3
Replies: 10
Views: 1203

Re: Need help setting up a hAP ax3

OK, what's the trick for adding my country - the United States? I tried editing the example wifi /interface wifi configuration section. I tried United States and it doesn't like the space. I tried 'United States' and it doesn't like the '. I tried UnitedStates (no space) and it says no such country...
by holvoetn
Tue Dec 17, 2024 9:42 am
Forum: General
Topic: hAP ax2 is registering itself in Windows DHCP with random (DHCP?) addresses
Replies: 9
Views: 975

Re: hAP ax2 is registering itself in Windows DHCP with random (DHCP?) addresses

Therefore as Halvoetn suggested check/disable DHCP client on hAP. The DHCP client has to be enabled for the WAN port otherwise no internet connection. I've not had chance to dig deeper into this but I will. I never said to disable ALL DHCP client. Just the unneeded one(s). Look, it doesn't take 5 m...
by holvoetn
Tue Dec 17, 2024 9:27 am
Forum: Wireless Networking
Topic: Replaced Router, must re-enter WiFi passphrase? [SOLVED]
Replies: 6
Views: 500

Re: Replaced Router, must re-enter WiFi passphrase? [SOLVED]

If I look at the BSSID of the wifi channel I am currently connected to with my laptop, it's the MAC address of the CAPSMAN wifi interface on the controller. Not the MAC address of the AP radio. If you set those interfaces to create enabled, you should be able to set that MAC the same as it was befor...
by holvoetn
Tue Dec 17, 2024 9:14 am
Forum: Wireless Networking
Topic: No CAPsMan forwarding on new CAPsMan?
Replies: 17
Views: 1145

Re: No CAPsMan forwarding on new CAPsMan?

Using AX material, there is little to nothing to be done on the caps. So yes, capsman does make it easy. About wifi-qcom-ac, normally this was NOT foreseen but MT made it available for AC HW capable using that driver. They didn't have to. But they did. It does come with some quirks, yes. But you sti...
by holvoetn
Mon Dec 16, 2024 6:09 pm
Forum: General
Topic: L009 - don't like it...
Replies: 16
Views: 1197

Re: L009 - don't like it...

Oh yes.
RB5009Pr

Should be 802.3 af/at compliant.
by holvoetn
Mon Dec 16, 2024 5:50 pm
Forum: Scripting
Topic: executing script from net failed
Replies: 35
Views: 2038

Re: executing script from net failed

I think my grip is forum is beating up OP, when Mikrotik's log message is shitty — these "executing script from XXX failed" should identify what script is at issue... I get what you mean but when multiple persons ask you to see config and you persist on not showing it, what sensible perso...
by holvoetn
Mon Dec 16, 2024 5:46 pm
Forum: General
Topic: L009 - don't like it...
Replies: 16
Views: 1197

Re: L009 - don't like it...

I was already thinking that as well but I don't have a cAP AX lying around here.
Although given wAP AX and cAP AX are both 802.3af/at devices, I am going to (carefully) assume it's just that forced on setting which should make it work.

OP can easily test it.
by holvoetn
Mon Dec 16, 2024 5:29 pm
Forum: Scripting
Topic: executing script from net failed
Replies: 35
Views: 2038

Re: executing script from net failed

Log files do show something is running, no ?
And that part is defined ... in your config.
by holvoetn
Mon Dec 16, 2024 5:26 pm
Forum: General
Topic: L009 - don't like it...
Replies: 16
Views: 1197

Re: L009 - don't like it...

The negotiation part does not fly when connected to L009.
But it works when you "skip that part", hence forced on.

With "auto on" it gives an error message (on my setup it does).
by holvoetn
Mon Dec 16, 2024 5:12 pm
Forum: General
Topic: L009 - don't like it...
Replies: 16
Views: 1197

Re: L009 - don't like it...

Just tried with wAP AX (which is even further down in power requirements but normally also 802.3af/at only): it will power on using L009 but you have to set POE on ether8 to forced on. Not auto on.
by holvoetn
Mon Dec 16, 2024 5:02 pm
Forum: Scripting
Topic: executing script from net failed
Replies: 35
Views: 2038

Re: executing script from net failed

Which is why we need at least some info on what script is running and how.

Otherwise we are all simply guessing.
by holvoetn
Mon Dec 16, 2024 5:01 pm
Forum: Wireless Networking
Topic: Problem with CapsMan v7.16.2 on RB5009
Replies: 7
Views: 551

Re: Problem with CapsMan v7.16.2 on RB5009

Why 2 bridges on RB5009 ?
Why 2 bridges on Netmetal ?

There is most likely your problem.
by holvoetn
Mon Dec 16, 2024 4:38 pm
Forum: Wireless Networking
Topic: Problem with CapsMan v7.16.2 on RB5009
Replies: 7
Views: 551

Re: Problem with CapsMan v7.16.2 on RB5009

Could someone help me?
If needed I can paste here the entire configuration
You know what to do then ... both sides, please.
by holvoetn
Mon Dec 16, 2024 4:08 pm
Forum: Scripting
Topic: executing script from net failed
Replies: 35
Views: 2038

Re: executing script from net failed

who has marded this post solved?
You did.
I "unsolved" it.

And still you are not responding to our request to provide necessary info ...
Screenshots usually don't help.
by holvoetn
Mon Dec 16, 2024 3:36 pm
Forum: Wireless Networking
Topic: Replaced Router, must re-enter WiFi passphrase? [SOLVED]
Replies: 6
Views: 500

Re: Replaced Router, must re-enter WiFi passphrase? [SOLVED]

Possibly BSSID has changed even though your SSID is the same.

PS great contribution here from mkx related to this topic:
viewtopic.php?t=210898
by holvoetn
Mon Dec 16, 2024 2:36 pm
Forum: Wireless Networking
Topic: HP AX2 wireless and Samsung TV
Replies: 4
Views: 344

Re: HP AX2 wireless and Samsung TV

And no encryption cyphers selected ?

Can you export wifi part of config ? (leave out passwd etc).
It will show there.
by holvoetn
Mon Dec 16, 2024 2:12 pm
Forum: Wireless Networking
Topic: HP AX2 wireless and Samsung TV
Replies: 4
Views: 344

Re: HP AX2 wireless and Samsung TV

What security settings are you using ?
Quite a bit of IoT devices (and that includes quite a bit of SMART TVs) only accept WPA2 and nothing else.
by holvoetn
Mon Dec 16, 2024 11:31 am
Forum: Scripting
Topic: executing script from net failed
Replies: 35
Views: 2038

Re: executing script from net failed

what is this file.? i have private data that i don't want to publish please tell me what this error is related some bug and error in script that system sched wants to run? or some one from outside wants to inject a script in my os? Some comments ... 1- this is a USER forum. Users helping other user...
by holvoetn
Mon Dec 16, 2024 10:18 am
Forum: Wireless Networking
Topic: CAPsMAN DHCP Server for CAP AX Client
Replies: 5
Views: 366

Re: CAPsMAN DHCP Server for CAP AX Client

In most cases, 1 bridge is all you need. If you are planning on having those AX devices connect to a legacy capsman controller (previous generation), that will NOT work. Are you ? It might be better to follow erlinden's advice and provide a schematic representation of your network also clarifying wh...
by holvoetn
Mon Dec 16, 2024 9:52 am
Forum: General
Topic: Help needed: Choosing an alternative for CCR2216
Replies: 22
Views: 1724

Re: Help needed: Choosing an alternative for CCR2216

I dont know how PM here works.
It doesn't.
by holvoetn
Sun Dec 15, 2024 9:18 pm
Forum: Beginner Basics
Topic: Cannot reset mikrotik cAP AC
Replies: 2
Views: 607

Re: Cannot reset mikrotik cAP AC

Check user manual for reset sequence.
Watching led sequence is more important then counting seconds

Worse case: netinstall.
by holvoetn
Sun Dec 15, 2024 9:07 pm
Forum: General
Topic: Saving router configuration backup
Replies: 4
Views: 394

Re: Saving router configuration backup

Ssh / ftp / smb / ... you can even mail them to yourself.
Plenty of options.
by holvoetn
Sun Dec 15, 2024 3:27 pm
Forum: Beginner Basics
Topic: Best solution for site to site tunnel for public internet delivery
Replies: 4
Views: 768

Re: Best solution for site to site tunnel for public internet delivery

Depending on needs for further routing, vlan, discovery, romon, ... EOIP might be better since it will create a virtual interface for which you can do exactly the same as any ethernet interface.
But IPIP should do as well if you only need IP-related functions.
by holvoetn
Sat Dec 14, 2024 8:06 pm
Forum: Forwarding Protocols
Topic: WireGuard - multiple instances
Replies: 5
Views: 503

Re: WireGuard - multiple instances

Pay attention to which public key you place where and make sure each peer has a unique address.

If that doesn't help, indeed post config for review.
All peers.
by holvoetn
Sat Dec 14, 2024 4:10 pm
Forum: Wireless Networking
Topic: wAP ax?
Replies: 267
Views: 32457

Re: wAP ax?

A bit too much for my liking.
by holvoetn
Sat Dec 14, 2024 2:02 pm
Forum: Beginner Basics
Topic: Port forwarding for selected devices
Replies: 7
Views: 618

Re: Port forwarding for selected devices

At least using Wireguard I know you can selectively specify which subnet should go over VPN and which not.
I suppose OpenVPN can do the same ?

Personal preference is WG, though 8)
It's more resource friendly and faster and less chatter to keep the connection.
by holvoetn
Sat Dec 14, 2024 1:11 pm
Forum: Scripting
Topic: how to get current WAN-IP?
Replies: 3
Views: 357

Re: how to get current WAN-IP?

DuckDNS should be able to do it.
I already used it in the past just for that.

Plenty of script examples available
by holvoetn
Sat Dec 14, 2024 1:09 pm
Forum: Beginner Basics
Topic: Port forwarding for selected devices
Replies: 7
Views: 618

Re: Port forwarding for selected devices

It depends.

Maybe you need to clarify in a lot more detail what you are planning to do ?
A logical workaround would be to use VPN on only those devices, then you control what comes via that VPN and what not.
by holvoetn
Sat Dec 14, 2024 1:08 pm
Forum: Wireless Networking
Topic: wifi-qcom & wifi-qcom-ac manually specify the data rates
Replies: 3
Views: 312

Re: Wifiwave2 manually specify the data rates

With the arrival of vendor drivers for wave2, that option went away.

Wireless legacy drivers were completely made in house, so much more control over what could be done.
by holvoetn
Sat Dec 14, 2024 12:28 pm
Forum: Wireless Networking
Topic: Band steering - "priority" to 5Ghz [SOLVED]
Replies: 55
Views: 40054

Re: Band steering - "priority" to 5Ghz [SOLVED]

It's not a good idea to actively block clients using access list.
Some clients might avoid such an AP completely.

Unless that's your aim, then I wonder why you keep using the same SSID for that frequency ?
by holvoetn
Sat Dec 14, 2024 12:26 pm
Forum: Wireless Networking
Topic: wAP ax?
Replies: 267
Views: 32457

Re: wAP ax?

Oh
My
God
....


It shows who has everything to say in your household.
by holvoetn
Sat Dec 14, 2024 12:25 pm
Forum: Wireless Networking
Topic: capsman ccr1009-7g with cAP AX
Replies: 9
Views: 437

Re: capsman ccr1009-7g with cAP AX

You can have both capsman versions on the same controller.
You can not have seamless roaming between both controllers.

It is what it is.
by holvoetn
Sat Dec 14, 2024 10:48 am
Forum: Beginner Basics
Topic: How to send a PING?
Replies: 3
Views: 737

Re: How to send a PING?

Check your routes.

And then the router will ... route.
by holvoetn
Sat Dec 14, 2024 10:46 am
Forum: Wireless Networking
Topic: capsman ccr1009-7g with cAP AX
Replies: 9
Views: 437

Re: capsman ccr1009-7g with cAP AX

Should be default there if you have ROS 7.13 or higher, under wifi menu.
by holvoetn
Fri Dec 13, 2024 10:34 pm
Forum: RouterBOARD hardware
Topic: Where is the Audience AX?
Replies: 10
Views: 1136

Re: Where is the Audience AX?

Uh ??
by holvoetn
Fri Dec 13, 2024 4:03 pm
Forum: General
Topic: Frequecy Scan to file scan1
Replies: 4
Views: 687

Re: Frequecy Scan to file scan1

What ROS version ?
There was a change in ROS 7.14 where "no country" results in "Latvia".
by holvoetn
Fri Dec 13, 2024 12:38 pm
Forum: General
Topic: 80% of QSFP Ports broken?!
Replies: 3
Views: 1451

Re: 80% of QSFP Ports broken?!

Already contacted support about it ?

They don't read all posts here since this is a user forum.
by holvoetn
Fri Dec 13, 2024 12:30 pm
Forum: Wireless Networking
Topic: New CAPsMAN with dual AP's
Replies: 5
Views: 459

Re: New CAPsMAN with dual AP's

You shouldn't even set datapath at all on CAPs side.
by holvoetn
Fri Dec 13, 2024 11:59 am
Forum: Wireless Networking
Topic: New CAPsMAN with dual AP's
Replies: 5
Views: 459

Re: New CAPsMAN with dual AP's

There are some limitations when using wifi-qcom-ac driver, mainly VLANs can not be dynamically asigned. 802.11ac chipsets do not support this type of VLAN tagging , but they can be configured as VLAN access ports in bridge settings. = you shouldn't use vlan-id in datapath on AC device. Adding: use ...
by holvoetn
Fri Dec 13, 2024 9:00 am
Forum: General
Topic: hAP ax2 is registering itself in Windows DHCP with random (DHCP?) addresses
Replies: 9
Views: 975

Re: hAP ax2 is registering itself in Windows DHCP with random (DHCP?) addresses

... My home lab network is relatively simple: hAP ax2, two Windows Server 2022 domain controllers, couple of dev servers and my workstation. Simple ?? :shock: Check for DHCP client on that device. Or sniff the network using wireshark to see which devices are sending out request for DHCP leases (and...
by holvoetn
Thu Dec 12, 2024 7:16 pm
Forum: RouterBOARD hardware
Topic: Where is the Audience AX?
Replies: 10
Views: 1136

Re: Where is the Audience AX?

How long did it take for wap AX to come out ?

Let's assume they are working on it.
by holvoetn
Thu Dec 12, 2024 2:57 pm
Forum: SwOS
Topic: Connect 3x CRS326-24G-2S+RM x1 RB5009UPr+S+IN and NAS, is it possible ?
Replies: 8
Views: 844

Re: Connect 3x CRS326-24G-2S+RM x1 RB5009UPr+S+IN and NAS, is it possible ?

RB5009 even has a 3th powering option on the side.

Also, POE version of RB5009 can be powered using POE on ALL 8 ether ports.
by holvoetn
Thu Dec 12, 2024 12:21 pm
Forum: SwOS
Topic: Connect 3x CRS326-24G-2S+RM x1 RB5009UPr+S+IN and NAS, is it possible ?
Replies: 8
Views: 844

Re: Connect 3x CRS326-24G-2S+RM x1 RB5009UPr+S+IN and NAS, is it possible ?

Do you have any informations that RB5009UPr+S+IN can be tricky when using 2.5Gbit port for ISP and transfer goes above 1Gbit and also SPF+ i utilized to connect to CRS326-24G-2S+RM SPF+, I have read that there are some problems that router can make lags or some kind of problems?. Not that I am awar...
by holvoetn
Thu Dec 12, 2024 11:18 am
Forum: General
Topic: CRS326-24G-2S+RM only act as switch, without any other option, possible ?
Replies: 6
Views: 540

Re: CRS326-24G-2S+RM only act as switch, without any other option, possible ?

Yes.
Surely your default subnet is not going to be 192.168.88.0/24, is it ?
by holvoetn
Thu Dec 12, 2024 11:16 am
Forum: SwOS
Topic: Connect 3x CRS326-24G-2S+RM x1 RB5009UPr+S+IN and NAS, is it possible ?
Replies: 8
Views: 844

Re: Connect 3x CRS326-24G-2S+RM x1 RB5009UPr+S+IN and NAS, is it possible ?

That's a logical consequence from daisy-chaining those switches one after the other. Only the part which is behind the switch which breaks down, will go down. If it's the first one, everything goes down. If it's the last one, only 24 clients will go down. If it's the RB5009 going down, everything is...
by holvoetn
Thu Dec 12, 2024 11:00 am
Forum: Wireless Networking
Topic: CAPSMAN on L009UiGS-2HaxD
Replies: 6
Views: 425

Re: CAPSMAN on L009UiGS-2HaxD

Anyway, I think I'm going to test in my office if it is possible to add the wifiwave2 driver to the AC2s and link them with the L009UiGS-2HaxD with the same driver. I'm not sure if it will work, but we have to try it. It will work. I have several AC devices runing wifi-qcom-ac package without probl...
by holvoetn
Thu Dec 12, 2024 10:03 am
Forum: General
Topic: Mikrotik hap lite can't start
Replies: 3
Views: 412

Re: Mikrotik hap lite can't start

This is VERY odd indeed ?!

And did you try simply using the mips package as it indicates ?
Because what strikes me as equally odd, is that same QCA9533 CPU is used in mAP Lite and cAP Lite and those ARE mips devices. Not SMIPS.
by holvoetn
Thu Dec 12, 2024 9:55 am
Forum: Wireless Networking
Topic: CAPSMAN on L009UiGS-2HaxD
Replies: 6
Views: 425

Re: CAPSMAN on L009UiGS-2HaxD

In that case you have another option but you should thoroughly test it ... hAP AC2 can also make use of wifiwave2 drivers (wifi-qcom-ac) IF you're not doing other things on that device (plain switch, pure AP, nothing more). Problem with AC2 is that it has a quite limited storage and using wifi-qcom-...
by holvoetn
Thu Dec 12, 2024 9:34 am
Forum: Wireless Networking
Topic: CAPSMAN on L009UiGS-2HaxD
Replies: 6
Views: 425

Re: CAPSMAN on L009UiGS-2HaxD

I am going to assume all your other access points are using legacy wireless (read: not AX). And there is your problem now. See this Help page: https://help.mikrotik.com/docs/spaces/ROS/pages/1409138/Wireless and this: https://help.mikrotik.com/docs/spaces/ROS/pages/224559120/WiFi For AX radios capsm...
by holvoetn
Thu Dec 12, 2024 8:16 am
Forum: SwOS
Topic: Connect 3x CRS326-24G-2S+RM x1 RB5009UPr+S+IN and NAS, is it possible ?
Replies: 8
Views: 844

Re: Connect 3x CRS326-24G-2S+RM x1 RB5009UPr+S+IN and NAS, is it possible ?

Yes. And the beauty ? On CRS326 you do not have to do anything except for changing IP address.
by holvoetn
Thu Dec 12, 2024 8:14 am
Forum: General
Topic: CRS326-24G-2S+RM only act as switch, without any other option, possible ?
Replies: 6
Views: 540

Re: CRS326-24G-2S+RM only act as switch, without any other option, possible ?

Sure.
That's how it default starts.
You only need to look at the IP address, rest of config default starts as a pure switch (because ... that's what it is !).
by holvoetn
Wed Dec 11, 2024 4:36 pm
Forum: Beginner Basics
Topic: Need HELP!!!!!!!!
Replies: 2
Views: 517

Re: Need HELP!!!!!!!!

Topic locked since the exact same question is already being handled in another thread.
by holvoetn
Wed Dec 11, 2024 4:21 pm
Forum: General
Topic: Do AP's come with all router functions?
Replies: 19
Views: 1344

Re: Do AP's come with all router functions?

Add-ons: not really or not in the way you may see it. But you can install containers. So if it works in a container, it may work. Not full-fledged docker but usable. Provided you have enough storage, memory, ... My personal view: a router is not my primary target devide to run such things. I also to...
by holvoetn
Wed Dec 11, 2024 11:27 am
Forum: RouterBOARD hardware
Topic: Switch in RB509/L009 FormFactor
Replies: 8
Views: 1766

Re: Switch in RB509/L009 FormFactor

Having just purchased all material for a small shop, bit of router functions and 4 APs which needed to be POE powered. Some printers, some PCs. About 10 connections in total. Give it some spare for near future and I should need 16 ports. I was initially thinking towards RB5009Pr but that would reall...
by holvoetn
Wed Dec 11, 2024 10:53 am
Forum: General
Topic: IP Cloud (Dynamic DNS) down?
Replies: 101
Views: 14449

Re: mynetname is down ?

It seems to be working now, checking from Greece. BTW, free service means "Best effort" SLA... If critical systems depend on connectivity other means should be used for DDNS, usually with a fee.
Correct attitude !
by holvoetn
Wed Dec 11, 2024 10:52 am
Forum: General
Topic: IP Cloud (Dynamic DNS) down?
Replies: 101
Views: 14449

Re: IP Cloud (Dynamic DNS) down?

Threads merged.
by holvoetn
Tue Dec 10, 2024 9:04 pm
Forum: Containers
Topic: Heimdall container on AX3
Replies: 8
Views: 5712

Re: Heimdall container on AX3

Nice job :D
by holvoetn
Tue Dec 10, 2024 7:52 pm
Forum: General
Topic: Limited Bandwidth on Thunderbird? [SOLVED]
Replies: 6
Views: 676

Re: Limited Bandwidth on Thunderbird? [SOLVED]

Sure it's not Gmail capping that connection ?
150Gb is HUUUUGE !

https://support.google.com/a/answer/1071518?hl=en
by holvoetn
Tue Dec 10, 2024 6:06 pm
Forum: General
Topic: Do AP's come with all router functions?
Replies: 19
Views: 1344

Re: Do AP's come with all router functions?

- In case I do need to verify via SSH, can I use typical tools like PuTTY? I think PuTTY works with OpenSSL and if RouterOS doesn't support that, then I don't know...
All that should work, although been years since I tried PuTTY.
PuTTY works just fine.
by holvoetn
Tue Dec 10, 2024 5:05 pm
Forum: RouterBOARD hardware
Topic: Quickset modes C53UiG+5HPaxD2HPaxD
Replies: 13
Views: 2048

Re: Quickset modes C53UiG+5HPaxD2HPaxD

First things first ... ROS is so powerful because you can almost do anything with it. And here is the drawback, because you can almost do anything with it, a lot of people get lost. Mesh is there from older legacy wireless HW. It's not applicable anymore to AX HW. Cap is there from older HW with leg...
by holvoetn
Tue Dec 10, 2024 4:20 pm
Forum: General
Topic: Wireguard tunnel stopping on its own
Replies: 7
Views: 693

Re: Wireguard tunnel stopping on its own

Check on client peer side if Persistent Keepalive is set (typical: set it to 25s = 00:00:25).
by holvoetn
Tue Dec 10, 2024 3:28 pm
Forum: General
Topic: CAPSMAN provisioning + DHCP server not working for CAP devices [SOLVED]
Replies: 10
Views: 1515

Re: CAPSMAN provisioning [SOLVED]

This solved the issue with CAPsMAN provisioning, but now DHCP server don't give IP addresses to devices connected to WiFi trough the CAP devices. External radios or local radios ? What's this ? /ip dhcp-server network add address=0.0.0.0/24 gateway=0.0.0.0 netmask=24 I think that shouldn't be there...
by holvoetn
Tue Dec 10, 2024 3:19 pm
Forum: Containers
Topic: Heimdall container on AX3
Replies: 8
Views: 5712

Re: Heimdall container on AX3

Wouldn't it be sensible then to present your config for review ?
by holvoetn
Tue Dec 10, 2024 1:13 pm
Forum: Beginner Basics
Topic: PVID
Replies: 10
Views: 953

Re: PVID

Interesting read: Rules of the Mikrotik Club: 1) You do not use VLAN1 2) You DO NOT use VLAN1 3) You remove default user admin and set a strong password before connecting to the internet. 4) You do not use Quickset. 5) You do not use detect internet. 6)... Now #6 might be added as either: 6) You set...
by holvoetn
Tue Dec 10, 2024 12:45 pm
Forum: General
Topic: WireGuard, OpenVPN client not working
Replies: 4
Views: 615

Re: WireGuard, OpenVPN client not working

I have plenty of WG tunnels between MT gear and other stuff (Linux, Windows, Android, ...). It works. It is not impossible nor difficult if you use the correct settings. Having only TX and no RX is normal. Wireguard always tries to send. Only when you see something coming back, then you know it work...
by holvoetn
Tue Dec 10, 2024 12:31 pm
Forum: General
Topic: Winbox on arm64
Replies: 5
Views: 617

Re: Winbox on arm64

wine doesnt works native implementation will be nice Why not ? It should work. https://pimylifeup.com/raspberry-pi-wine/#:~:text=Installing%20Wine%20on%20to%20your,aren't%20compiled%20for%20ARM. Again: ask support. This is a USER forum. MT staff sometimes frequents this place but not always and cer...
by holvoetn
Tue Dec 10, 2024 11:39 am
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1630
Views: 434448

Re: 📣 WinBox 4 is here 📣

Same problem here.

WIN 11 23H2 22631.4460
After 3th attempt, it succeeded and restarted with new version.
by holvoetn
Tue Dec 10, 2024 11:26 am
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1630
Views: 434448

Re: 📣 WinBox 4 is here 📣

Same problem here.

WIN 11 23H2 22631.4460
by holvoetn
Tue Dec 10, 2024 10:16 am
Forum: General
Topic: map lite, Netinstall, Linux
Replies: 4
Views: 774

Re: map lite, Netinstall, Linux

Command used looks correct to me (as in: it's the same I have in my notes). But ... you should not forget to ALSO send wireless package. Wireless drivers are not in the base ROS package anymore as of 7.13. So the wireless package (or wifi-qcom or wifi-qcom-ac depending on device) needs to be send as...
by holvoetn
Tue Dec 10, 2024 9:43 am
Forum: General
Topic: Winbox on arm64
Replies: 5
Views: 617

Re: Winbox on arm64

Best to ask support but I guess you will have to revert to using Wine.
by holvoetn
Tue Dec 10, 2024 9:11 am
Forum: General
Topic: Do AP's come with all router functions?
Replies: 19
Views: 1344

Re: Do AP's come with all router functions?

My personal experience with wireguard between two routers both on same ISP network with 1gig connections was in the 300 range.
Also curious as to what others see.
AX Lite to RB5009: 405/400 Mbps
by holvoetn
Tue Dec 10, 2024 8:48 am
Forum: Announcements
Topic: v7.16.2 [stable] is released!
Replies: 490
Views: 189384

Re: v7.16.2 [stable] is released!

Something odd going on with partitioning ... [xyz@RB5009] > part [xyz@RB5009] /partitions> activate copy-to find repartition restore-config-from set comment edit print reset save-config-to [xyz@RB5009] /partitions> print Flags: A - ACTIVE; R - RUNNING Columns: NAME, FALLBACK-TO, VERSION, SIZE # NAME...
by holvoetn
Tue Dec 10, 2024 8:03 am
Forum: General
Topic: Initial config of CRS304-4XG-IN?
Replies: 3
Views: 292

Re: Initial config of CRS304-4XG-IN?

Post config and specify what you want to do. 1 bridge All interfaces to bridge Possibly dhcp client to bridge or fixed ip. There is not much more to it. For config open terminal export file=anynameyouwish move file to PC redact serial number post contents back here in between [ code] [/ code] quotes...
by holvoetn
Mon Dec 09, 2024 8:10 pm
Forum: RouterBOARD hardware
Topic: OmniTik Wireless Cable
Replies: 3
Views: 715

Re: OmniTik Wireless Cable

And you still did not specify what the actual problem is...
by holvoetn
Mon Dec 09, 2024 8:03 pm
Forum: General
Topic: Do AP's come with all router functions?
Replies: 19
Views: 1344

Re: Do AP's come with all router functions?

Correct observation :lol:
by holvoetn
Mon Dec 09, 2024 7:12 pm
Forum: Wireless Networking
Topic: Struggling with HAP AX2 wifi config
Replies: 21
Views: 1493

Re: Struggling with HAP AX2 wifi config

Why one bridge instead of one ?

...

If I wrote something wrong someone will correct me.
First line is not correct :lol:
by holvoetn
Mon Dec 09, 2024 6:25 pm
Forum: General
Topic: Do AP's come with all router functions?
Replies: 19
Views: 1344

Re: Do AP's come with all router functions?

Every device runs ROS, so every device can act as a router if that is your question. Not all Mikrotik devices, there are devices running SWOS or SWOS Lite. But the ones that do run ROS, all have a full-featured version of ROS, taking into account some HW restrictions. (e.g. don't load too many addi...
by holvoetn
Mon Dec 09, 2024 5:52 pm
Forum: Containers
Topic: Heimdall container on AX3
Replies: 8
Views: 5712

Re: Heimdall container on AX3

What ROS version are you using ?
I seem to recall there have been some fixes especially for this permission problem.
by holvoetn
Mon Dec 09, 2024 5:11 pm
Forum: Wireless Networking
Topic: Wireless, CAPSMAN, update from pre 7.13
Replies: 2
Views: 421

Re: Wireless, CAPSMAN, update from pre 7.13

Two things ... you can perfectly keep using legacy wireless with those cap-ac devices. Al you need to do then is load wireless package on RB5009 (as of ROS 7.13) and you're good to go (just be aware the menu structure will be on another place. Not wifi but wireless/wifi, or something like that) If y...
by holvoetn
Mon Dec 09, 2024 2:31 pm
Forum: RouterOS beta
Topic: Wireguard use Hostname in endpoint
Replies: 66
Views: 24076

Re: Wireguard use Hostname in endpoint

Works already for quite a while so what is the problem ?

2024-12-09_13-30-08.jpg
by holvoetn
Mon Dec 09, 2024 10:30 am
Forum: Wireless Networking
Topic: Struggling with HAP AX2 wifi config
Replies: 21
Views: 1493

Re: Struggling with HAP AX2 wifi config

Well... If you are using your ax2 as an AP then you should try to enable VLAN filtering on your bridge. Well... yes I did, however I removed it while trying to get the router to become an AP, once it starts doing its thing I will put that config back. VLAN filtering is not likely to be the issue wi...
by holvoetn
Sat Dec 07, 2024 4:19 pm
Forum: Beginner Basics
Topic: Help with setup issues on RB951
Replies: 16
Views: 1381

Re: Help with setup issues on RB951

Netinstall and starting again from default is seldom a wrong approach :wink:
by holvoetn
Sat Dec 07, 2024 3:02 pm
Forum: Containers
Topic: PiHole / files not persistent Topic is solved
Replies: 6
Views: 879

Re: PiHole / files not persistent Topic is solved

Possibly an issue with the mount location ?

On RB5009 there is a confirmed issue with startup of some USB3 stick so I have to be really careful with my containers too after restart/ reboot.
by holvoetn
Sat Dec 07, 2024 1:27 pm
Forum: Beginner Basics
Topic: Help with setup issues on RB951
Replies: 16
Views: 1381

Re: Help with setup issues on RB951

I know.
And that usually means weak admin passwd.
by holvoetn
Sat Dec 07, 2024 11:43 am
Forum: Beginner Basics
Topic: Help with setup issues on RB951
Replies: 16
Views: 1381

Re: Help with setup issues on RB951

Of course it's always possible that router was compromised from LAN side (some computer running malware) so if things happen again, check your LAN clients (or restrict access to router management to a dedicated management port). That would mean a real weak passwd was used or someone in the 'trust' ...
by holvoetn
Sat Dec 07, 2024 9:54 am
Forum: General
Topic: Problem with 7.16.2
Replies: 4
Views: 545

Re: Problem with 7.16.2

Well ... and the question is?
That was my first reaction too when I approved that post :lol:

OP
post your config as requested, provide a bit more detail on how things fit in the larger picture and we can work from there.
by holvoetn
Fri Dec 06, 2024 7:07 pm
Forum: General
Topic: Wireguard VPN and Home LAN
Replies: 7
Views: 698

Re: Wireguard VPN and Home LAN

Use 0.0.0.0/0 as allowed addresses.
Everything will go down the tunnel then.
by holvoetn
Fri Dec 06, 2024 12:04 pm
Forum: Beginner Basics
Topic: hAP ax lite LTE6 how to set as repeater
Replies: 13
Views: 1301

Re: hAP ax lite LTE6 how to set as repeater

Just a minute.
It all depends on how the uplink is going to be... if LTE you are leaving the device wide open.
by holvoetn
Fri Dec 06, 2024 10:12 am
Forum: Wireless Networking
Topic: Which is fastest wifi device
Replies: 33
Views: 2409

Re: Which is fastest wifi device

Bonding still requires multi stream or you will have zero effect.
by holvoetn
Fri Dec 06, 2024 10:11 am
Forum: Wireless Networking
Topic: Setting up wireless network with hAP ax3 and cAP ax [SOLVED]
Replies: 6
Views: 996

Re: Setting up wireless network with hAP ax3 and cAP ax [SOLVED]

Not when used indoors.
Only 1 minute DFS.
by holvoetn
Fri Dec 06, 2024 9:42 am
Forum: Wireless Networking
Topic: Setting up wireless network with hAP ax3 and cAP ax [SOLVED]
Replies: 6
Views: 996

Re: Setting up wireless network with hAP ax3 and cAP ax [SOLVED]

What is wrong with 52 or 60 ? You don't HAVE to use 80MHz channels. Sometimes it is even better to go smaller.

Problem with these high ranges is that quite a bit of client devices are not able to use them.
So be careful and check.
by holvoetn
Fri Dec 06, 2024 8:32 am
Forum: Beginner Basics
Topic: hAP ax lite LTE6 how to set as repeater
Replies: 13
Views: 1301

Re: hAP ax lite LTE6 how to set as repeater

Once you are done we can proceed. Do not forget to update modem firmware as well. The device can be used as wifi repeater but I wonder why you use an LTE device for that ? How is it going to repeat the wifi signal ? Through local ethernet or via that LTE ? Maybe best to describe in more detail what ...
by holvoetn
Fri Dec 06, 2024 6:54 am
Forum: Wireless Networking
Topic: Setting up wireless network with hAP ax3 and cAP ax [SOLVED]
Replies: 6
Views: 996

Re: Setting up wireless network with hAP ax3 and cAP ax [SOLVED]

Also: scan the environment for each ap separately. You have the tools available in ROS, use them.

Choose a frequency which is not already used by others ( even your own AP if it is close enough) to avoid interference.
by holvoetn
Thu Dec 05, 2024 11:47 pm
Forum: Wireless Networking
Topic: Which is fastest wifi device
Replies: 33
Views: 2409

Re: Which is fastest wifi device

Depends on what you want to favor.
You can not ace each and every parameter. Not with the prices these things cost.
by holvoetn
Thu Dec 05, 2024 11:42 pm
Forum: General
Topic: CAPSMAN provisioning + DHCP server not working for CAP devices [SOLVED]
Replies: 10
Views: 1515

Re: CAPSMAN provisioning [SOLVED]

Then it may be time to put your config on the table.
Controller and 1 wap AX please.
Make sure to remove all private/public info.
And please post both configs between code quotes.
by holvoetn
Thu Dec 05, 2024 11:39 pm
Forum: Wireless Networking
Topic: Which is fastest wifi device
Replies: 33
Views: 2409

Re: Which is fastest wifi device

Errrmm ... you might as well look at the test results posted by Mikrotik then.
That's more or less what they do when conducting those tests.
by holvoetn
Thu Dec 05, 2024 6:14 pm
Forum: Beginner Basics
Topic: Secure Remote Access - QuickSet VPN
Replies: 17
Views: 2250

Re: Secure Remote Access - QuickSet VPN

First wireguard
Then winbox over the wireguard tunnel.

You accept the wireguard traffic.
And then you accept winbox coming via wireguard.

No marking / mangling needed.
by holvoetn
Thu Dec 05, 2024 4:07 pm
Forum: RouterBOARD hardware
Topic: hEX refresh (E50UG) - router for gigabit internet?
Replies: 24
Views: 3220

Re: hEX refresh (E50UG) - router for gigabit internet?

Unmanaged switch ? Not for me, thank you.
I wanted a managed switch running ROS on arm :lol:

Serious
purely for home lab purposes. To replace old Hex.
And W?BIC.





Why ? Because I Can.
by holvoetn
Thu Dec 05, 2024 4:00 pm
Forum: Beginner Basics
Topic: Mac filtering is not working
Replies: 1
Views: 410

Re: Mac filtering is not working

And AI is not able to solve that problem for you ? :o Put a log action on that drop rule and see which MAC addresses are being dropped. Chances are high it's not the one from DELL in your accept rule ... Are you sure there is nothing in between sender and your firewall changing src MAC address ? Are...
by holvoetn
Thu Dec 05, 2024 3:32 pm
Forum: Wireless Networking
Topic: Which is fastest wifi device
Replies: 33
Views: 2409

Re: Which is fastest wifi device

But, back to that thread.... It is lively, with an evolution, so it's a little hard to follow what the current/latest instructions and supporting files/apps are. I haven't tried that version Ammo posted there. As indicated, semaja's version works, I'm not touching it. Follow the steps in the first ...
by holvoetn
Thu Dec 05, 2024 3:19 pm
Forum: General
Topic: RB912UAG-2HPnD - wifi interface is missing
Replies: 17
Views: 1150

Re: RB912UAG-2HPnD - wifi interface is missing

But this is about: RB912UAG-2HPnD, without OUT

https://mikrotik.com/product/RB912UAG-2HPnD

That's still being listed as active.
by holvoetn
Thu Dec 05, 2024 3:01 pm
Forum: General
Topic: RB912UAG-2HPnD - wifi interface is missing
Replies: 17
Views: 1150

Re: RB912UAG-2HPnD - wifi interface is missing

What if you go back to last know working version( ROS5 ... uh, shivers ...) and then use upgrade path from within the system towards ROS6 and then towards ROS7 ? If there is truly a limit, that upgrade process should stop you. Netinstall most like doesn't. Last resort: ask support. File a ticket and...
by holvoetn
Thu Dec 05, 2024 2:53 pm
Forum: Wireless Networking
Topic: Which is fastest wifi device
Replies: 33
Views: 2409

Re: Which is fastest wifi device

Being someone who also had my fingers on a keyboard the first time in 1980 (VIC-20, oldtimers will surely remember it with its 3.5Kb of free RAM) when I was 12... I never played games (ok, not much :lol: ) I'm an auto-didact and I am blessed to learn pretty fast. I learned myself to do so. Same with...
by holvoetn
Thu Dec 05, 2024 2:24 pm
Forum: General
Topic: Winbox mac-connect Windows 11 not working
Replies: 18
Views: 6403

Re: Winbox mac-connect Windows 11 not working

You are aware there is now a native Mac Winbox client ?
by holvoetn
Thu Dec 05, 2024 2:23 pm
Forum: General
Topic: Wireguard VPN and Home LAN
Replies: 7
Views: 698

Re: Wireguard VPN and Home LAN

Again theoretically... yes but you see what rabbit hole you're going to get into ? What if there is another device with overlapping IP address ? Again: is it only the PC of the USER requiring access ? In that case the issue might be a lot less. Simply (during that session) let all traffic go over VP...
by holvoetn
Thu Dec 05, 2024 12:48 pm
Forum: Wireless Networking
Topic: Beginner CAPsMAN questions
Replies: 8
Views: 837

Re: Beginner CAPsMAN questions

You mean my settings in /interface/wifi/provisioning/export , but instead per AP and Radio MAC defined there? I guess, by setting which frequency you mean, so you don't have any overlapping, which could happen, if AP chooses on its own a frequency from list? Yes. If you let them choose, it might st...
by holvoetn
Thu Dec 05, 2024 12:42 pm
Forum: RouterBOARD hardware
Topic: hEX refresh (E50UG) - router for gigabit internet?
Replies: 24
Views: 3220

Re: hEX refresh (E50UG) - router for gigabit internet?

Could be a config issue but I don't think so. These results are a pure consequence from having that ether1 port directly connected to CPU and not to switch chip. Keep in mind: this was a MANAGED SWITCH config so everything VLAN not being HW offloaded to switch, has to pass CPU. Again: I used the EXA...
by holvoetn
Thu Dec 05, 2024 12:22 pm
Forum: General
Topic: hEX refresh and Verizon FIOS Slow Upload Speed
Replies: 8
Views: 1154

Re: hEX refresh and Verizon FIOS Slow Upload Speed

If I did not make it clear enough that it wasn’t just a hEX refresh issue when I mentioned others having the same (or similar) issues with other routers, I don’t know what to say there…
No, no, you made that very clear :lol:
by holvoetn
Thu Dec 05, 2024 12:14 pm
Forum: Wireless Networking
Topic: Which is fastest wifi device
Replies: 33
Views: 2409

Re: Which is fastest wifi device

PC with intel AX211, so it supports 160Mhz-wide channels.
About 940-950Mbps using iperf3 to internal iperf container, which are normal values for a 1Gb link.
So the limit is the ethernet port, I guess.
by holvoetn
Thu Dec 05, 2024 12:11 pm
Forum: Wireless Networking
Topic: Beginner CAPsMAN questions
Replies: 8
Views: 837

Re: Beginner CAPsMAN questions

You don't need anything else on RB5009 except for base ROS package, capsman is available and can be used. High level it looks ok with some remarks: You allow channels on 5Ghz which may result in overlaps/interference if you use 160MHz on your APs (e.g. 5180 and 5260, 5500 and 5580). You also let the...
by holvoetn
Thu Dec 05, 2024 11:47 am
Forum: General
Topic: Wireguard VPN and Home LAN
Replies: 7
Views: 698

Re: Wireguard VPN and Home LAN

Connecting 2 subnets with the same IP-range is asking for trouble. You WILL get conflicts. I'm not saying it can not be done (you still need to take care of overlapping addresses) but you will probably create a lot of other problems. Changing the home subnet is the best option in my view. One of the...
by holvoetn
Thu Dec 05, 2024 10:57 am
Forum: General
Topic: ND Proxy
Replies: 2
Views: 537

Re: ND Proxy

Biggest problem of these times ... AI making things up and most are unable to determine what's right or wrong and just think is has to be right. It LOOKS right but it is not, as you have seen. There is no proxy-property to be set in ROS7. It looks to me this is coming from ROS6 because The Dude (new...
by holvoetn
Thu Dec 05, 2024 10:47 am
Forum: Beginner Basics
Topic: SSID not broadcasting
Replies: 1
Views: 362

Re: SSID not broadcasting

Can you access the device using webfig (webbrowser) or Winbox ?

Are both 2Ghz and 5GHz radios not transmitting ?
When certain frequencies are being used for 5GHz it can take several minutes before it appears due to radar detection checks (even up to 15 minutes)
by holvoetn
Thu Dec 05, 2024 10:16 am
Forum: Wireless Networking
Topic: Which is fastest wifi device
Replies: 33
Views: 2409

Re: Which is fastest wifi device

Actually, that's 2 separate gigabit ethernet ports. It may seem strange but you will rarely get there. That 2400Mbit/s is the physical data rate. Has little to do with the actual throughput (though higher data rate usually results in higher throughput). Rule of thumb: roughly 50% of data rate is wha...
by holvoetn
Thu Dec 05, 2024 10:14 am
Forum: RouterBOARD hardware
Topic: hEX refresh (E50UG) - router for gigabit internet?
Replies: 24
Views: 3220

Re: hEX refresh (E50UG) - router for gigabit internet?

FWIW ... from PC using wAP AX as AP and Hex Refresh in between towards RB5009 as router with iperf3 container ... I was able to get 900Mbps. Hex wasn't even sweating. But that's with Hex Refresh in managed switch mode (read: VLANs being used) NOT using ether1 as uplink ! In that same config using et...
by holvoetn
Thu Dec 05, 2024 9:38 am
Forum: General
Topic: CAPSMAN provisioning + DHCP server not working for CAP devices [SOLVED]
Replies: 10
Views: 1515

Re: CAPSMAN provisioning [SOLVED]

Are you referring to caps radios becoming visible in capsman or the radios themselves becoming visible to clients ? The former should be rather quick. On my installations it is a matter of seconds after reboot. The latter can take up to 15 minutes if you use DFS frequencies (radar checks needs to be...
by holvoetn
Thu Dec 05, 2024 9:33 am
Forum: General
Topic: hEX refresh and Verizon FIOS Slow Upload Speed
Replies: 8
Views: 1154

Re: hEX refresh and Verizon FIOS Slow Upload Speed

So the problem is clearly with Verizon ONT ... Just wondering: What port did you use for uplink to ISP device ? I suppose ether1 ? You are aware ether1 is handled completely different from the 4 other ether ports on that particular version of Hex ? (see block diagram) When you do speedtests maxing o...
by holvoetn
Thu Dec 05, 2024 9:19 am
Forum: Wireless Networking
Topic: Which is fastest wifi device
Replies: 33
Views: 2409

Re: Which is fastest wifi device

Sure, why not ?
by holvoetn
Thu Dec 05, 2024 8:23 am
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 264
Views: 86345

Re: v7.17rc [testing] is released!

So, is something wrong with 7.17RC for RB5009 with Capsman? Or was I just very unlucky for some reason? I don't think it has anything to do with capsman. I had a complete crash on my RB5009 (needed to power cycle to get it back) and had to revert to 7.17b6. After trying to partition that device, it...
by holvoetn
Thu Dec 05, 2024 8:11 am
Forum: Wireless Networking
Topic: Which is fastest wifi device
Replies: 33
Views: 2409

Re: Which is fastest wifi device

Are you saying that the hAP ax2 is more versitile than the hAP ax3? If so, how? Try to fit an AX3 in your backpack. Or simply move it around to another place. Those big ears make it a bit less handy for that. I'd love to hear what netinstalled "using container on AX3" means? Simple. Usb s...
by holvoetn
Wed Dec 04, 2024 7:50 pm
Forum: Wireless Networking
Topic: Which is fastest wifi device
Replies: 33
Views: 2409

Re: Which is fastest wifi device

For versatility I would also go for AX2 but ... it has no usb port.

Just netinstalled 5 cap ac ( ros and wifi-qcom-ac) using container on AX3.
First time right on each occurrence.
by holvoetn
Wed Dec 04, 2024 7:36 pm
Forum: Wireless Networking
Topic: RB4011iGS+5HacQ2HnD-IN and WPA3
Replies: 14
Views: 2204

Re: RB4011iGS+5HacQ2HnD-IN and WPA3

Sure. Each slave radio needs to be attached to a master and will take over the physical properties but can have separate SSID and security. Each of those slave radios will be an interface on its own and then the VLAN game can be applied again. Just don't overdo it because each virtual SSID will ulti...
by holvoetn
Wed Dec 04, 2024 7:34 pm
Forum: Beginner Basics
Topic: Port based Routing to 2 identical IP [SOLVED]
Replies: 11
Views: 1600

Re: Port based Routing to 2 identical IP [SOLVED]

Good job !
by holvoetn
Wed Dec 04, 2024 6:54 pm
Forum: Wireless Networking
Topic: Which is fastest wifi device
Replies: 33
Views: 2409

Re: Which is fastest wifi device

From those 3, wap AX since it allows for 160MHz channels (if you can use it within your environment. I can :lol: ).
by holvoetn
Wed Dec 04, 2024 4:45 pm
Forum: General
Topic: RB912UAG-2HPnD - wifi interface is missing
Replies: 17
Views: 1150

Re: RB912UAG-2HPnD - wifi interface is missing

It does seem odd wireless package is loaded yet not being used ?

You could try to simply MANUALLY add the wifi interface (in case that interface really needs a long time before it becomes operational after startup). What happens then ?
by holvoetn
Wed Dec 04, 2024 4:36 pm
Forum: Beginner Basics
Topic: Port based Routing to 2 identical IP [SOLVED]
Replies: 11
Views: 1600

Re: Port based Routing to 2 identical IP [SOLVED]

I think I have seen a similar question recently and if I'm not mistaking, you need to use some sort of address remapping based on port.

Edit: I knew I saw it already before not too long ago :D

viewtopic.php?p=1108865#p1108865
by holvoetn
Wed Dec 04, 2024 3:53 pm
Forum: General
Topic: VPN Site to site ?
Replies: 11
Views: 1098

Re: VPN Site to site ?

What model of mikrotik routers do you have in Venezuela and Espana?
It's hidden in the wall of text :lol:

AC3 in Venezuela, already present.
Planned to buy AC2 for Spain.
by holvoetn
Wed Dec 04, 2024 3:38 pm
Forum: General
Topic: Is mAP still relevant with RouterOS 7.16 ?
Replies: 5
Views: 589

Re: Is mAP still relevant with RouterOS 7.16 ?

100Mbps over 2.4GHz legacy wireless ? Yeah, one can dream. Make no mistake about my sentiments, however. That mAP is still a fabulous device for its price and flexibility ! I even prefer it over mAP Lite (I do keep that one in my backpack wherever I go). But I get what you mean. Everyone always refe...
by holvoetn
Wed Dec 04, 2024 2:50 pm
Forum: General
Topic: VPN Site to site ?
Replies: 11
Views: 1098

Re: VPN Site to site ?

For wireguard you only need one public IP, as long as that is present, there is no problem to setup a VPN tunnel which you then can cross from the other side, there are plenty of examples how this should be done, do you have by now also the idea that use of proper interpunction and line breaks is a ...
by holvoetn
Wed Dec 04, 2024 11:25 am
Forum: General
Topic: Is mAP still relevant with RouterOS 7.16 ?
Replies: 5
Views: 589

Re: Is mAP still relevant with RouterOS 7.16 ?

It is more an issue with its routing speed, that may be too slow for your requirements, it should be in the 150-200 Mbit range.
And how are you going to do that with only 100Mb ports ??? :lol:
by holvoetn
Wed Dec 04, 2024 11:23 am
Forum: General
Topic: Is mAP still relevant with RouterOS 7.16 ?
Replies: 5
Views: 589

Re: Is mAP still relevant with RouterOS 7.16 ?

Yes, works just fine !

(IPSEC to Azure, Wireguard, EOIP, , DHCP for about 15 devices, routing, ISP connection of 50/20Mb...)
"only" 19d uptime because I did upgrade of that version, before it was 139d.

2024-12-04_10-22-02.jpg
by holvoetn
Wed Dec 04, 2024 7:53 am
Forum: Beginner Basics
Topic: 5GHz Wireless
Replies: 2
Views: 437

Re: 5GHz Wireless

Can go up to 15 minutes...
by holvoetn
Tue Dec 03, 2024 6:41 pm
Forum: Beginner Basics
Topic: Copying a hAP setup to a hAP ac2
Replies: 2
Views: 394

Re: Copying a hAP setup to a hAP ac2

Manually is the safest way. Also observe defaults which may be present on the ac2 which may have been different on the older one. Go for the newer settings then. Don't copy MAC addresses for bridge or interfaces. They will be filled in by default. On itself it is not really a big deal, done it plent...
by holvoetn
Tue Dec 03, 2024 6:32 pm
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 264
Views: 86345

Re: v7.17rc [testing] is released!

My experience so far is that wifi-qcom-ac is just not worth the trouble, it is way more unstable and there is no significant performance gain so if you don't absolutely need new CAPsMAN just stay with the older wireless package... I disagree. +1 on disagreeing. MAJOR difference in performance betwe...
by holvoetn
Tue Dec 03, 2024 6:26 pm
Forum: Wireless Networking
Topic: Cap to cap connection
Replies: 7
Views: 582

Re: Cap to cap connection

Super, no issue there then !
by holvoetn
Tue Dec 03, 2024 3:34 pm
Forum: Wireless Networking
Topic: Cap to cap connection
Replies: 7
Views: 582

Re: Cap to cap connection

As long as the second device gets sufficient power and it can " see" capsman controller network-wise, no problem. What i want to do is: capsman<----wired--->cap1<---wired--->cap2 Or it is daisy-chained (controller wired to cap wired to 2nd cap) in which case there should not be a problem ...
by holvoetn
Tue Dec 03, 2024 2:55 pm
Forum: Beginner Basics
Topic: firewall drop connection
Replies: 6
Views: 732

Re: firewall drop connection

You got a point.
You can check for src_address!=192.168.88.0/27, dst_address=192.168.88.0/27
by holvoetn
Tue Dec 03, 2024 2:52 pm
Forum: Containers
Topic: Fitting a container inside hAP ax lite LTE6
Replies: 9
Views: 1259

Re: Fitting a container inside hAP ax lite LTE6

I doubt that USB-C connector can be used for anything else then powering the device. It's not even mentioned on block diagram (whereas for other devices where I know it works, it clearly is indicated as USB). I even seem to recall Normis (MT staff) mentioned it somewhere (would have to look for it)....
by holvoetn
Tue Dec 03, 2024 11:13 am
Forum: Wireless Networking
Topic: Quectel Redcap RG255C-GL PCI-e 5G Modem Support
Replies: 5
Views: 1343

Re: Quectel Redcap RG255C-GL PCI-e 5G Modem Support

Best to fire ticket to support.
They are the only ones able to tell if and when it can be supported.
by holvoetn
Tue Dec 03, 2024 9:13 am
Forum: General
Topic: RouterOS v7.16 on CRS354-48G-4S+2Q+ (and other models) = slow, predictable crash - OOM
Replies: 11
Views: 2368

Re: RouterOS v7.16 on CRS354-48G-4S+2Q+ (and other models) = slow, predictable crash - OOM

Just to check:
did anyone create a ticket to support about this ?
Otherwise chances are high they do not know about it ...
by holvoetn
Tue Dec 03, 2024 8:32 am
Forum: General
Topic: Firewall rules sanity check
Replies: 2
Views: 456

Re: Firewall rules sanity check

Not an expert either so my personal view. Functionally both are mostly the same. In some edge case (which I can not directly imagine) the second version will catch more so I guess it is the better option. On second option: why use 2 rules for hw-offload or not ? Since I have been looking into this m...
by holvoetn
Tue Dec 03, 2024 8:02 am
Forum: Beginner Basics
Topic: Problem after updating to 7.16.2
Replies: 15
Views: 2100

Re: Problem after updating to 7.16.2

My initial comment to move that one rule to the top was based on the rest not being secure enough already. The only true way to solve this: Use outgoing vpn to some public accessible ip ( either your own or some cloud server) and use that as pivot point to get back in. And then you can close that op...
by holvoetn
Mon Dec 02, 2024 9:36 pm
Forum: Beginner Basics
Topic: Problem after updating to 7.16.2
Replies: 15
Views: 2100

Re: Problem after updating to 7.16.2

Whenever you change something in firewall, clear all connections or wait 10 minutes or reboot.
by holvoetn
Mon Dec 02, 2024 7:09 pm
Forum: Beginner Basics
Topic: Problem after updating to 7.16.2
Replies: 15
Views: 2100

Re: Problem after updating to 7.16.2

Move this rule as first on input chain

add action=accept chain=input comment=WinBox dst-port=8321 protocol=tcp
by holvoetn
Mon Dec 02, 2024 6:19 pm
Forum: Beginner Basics
Topic: Problem after updating to 7.16.2
Replies: 15
Views: 2100

Re: Problem after updating to 7.16.2

Open terminal
/export file=anynameyouwish
Move file to PC
Open file with text editor and remove serial number, passwds, public IP,...
Post contents between [code] [/code] quotes for easier readability.
by holvoetn
Mon Dec 02, 2024 6:00 pm
Forum: General
Topic: am i using SOHO Firewall or not?
Replies: 38
Views: 3563

Re: am i using SOHO Firewall or not?

That recommendation was repeated in post #11 and #12
I was going to post again in my view starting from default would be the ONLY sensible starting point but alas ... some are more interesting in patching holes instead of starting from a clean, known to be working config.
by holvoetn
Mon Dec 02, 2024 5:55 pm
Forum: Beginner Basics
Topic: HAPac^2 Ethernet Mode
Replies: 5
Views: 841

Re: HAPac^2 Ethernet Mode

My view:
Then you did not reset to default config.
You can also do this from Winbox/webfig, you know ? System / reset configuration.
Uncheck Caps mode
check Keep users.
Uncheck No Default config
Check Do not backup
by holvoetn
Mon Dec 02, 2024 5:28 pm
Forum: Beginner Basics
Topic: firewall drop connection
Replies: 6
Views: 732

Re: firewall drop connection

hmmm... 24 is not a nice binary number like 16 or 32 (110000 vs 10000/100000). Using a subnet mask is out then. You can add those addresses in an address list and use that one in your firewall rule, I would think ? Address list SERVER_RANGE (or whatever), add all addresses from 192.168.88.1 to 192.1...
by holvoetn
Mon Dec 02, 2024 5:09 pm
Forum: General
Topic: Hex REFRESH
Replies: 11
Views: 892

Re: Hex REFRESH

Why the question asking the question? Typically the LTS is acutally the most stable version available, who doesnt want that (rhetorical question)! However, I have moved off vers6 on my main router recently to ver 7.16, as an LTS for ver7 seems unlikely. :-) yep sir, you’re correct. more stable than...
by holvoetn
Mon Dec 02, 2024 4:35 pm
Forum: General
Topic: Hex REFRESH
Replies: 11
Views: 892

Re: Hex REFRESH

Personal view: To be honest, the way MT handles their versions, LTS-label is not really worth a lot to me. Some may value it as being super stable (based on what ??) but there will always be bugs in it which are sorted out in subsequent non-LTS versions. Which is the more stable then ? LTS or the ne...
by holvoetn
Mon Dec 02, 2024 4:03 pm
Forum: General
Topic: Hex REFRESH
Replies: 11
Views: 892

Re: Hex REFRESH

There is no LTS version yet for ROS7 and since Hex Refresh came out of factory with 7.15.3 (I have one right here on my desk), you can not go lower.

But I have the same remark: why the question for LTS ?
by holvoetn
Mon Dec 02, 2024 4:01 pm
Forum: Beginner Basics
Topic: correcting password field via CLI
Replies: 5
Views: 609

Re: correcting password field via CLI

Observation:
user passwd the same as user name ? Then it could just as well be kept blank. Gives the same level of security.
by holvoetn
Mon Dec 02, 2024 3:36 pm
Forum: Beginner Basics
Topic: correcting password field via CLI
Replies: 5
Views: 609

Re: correcting password field via CLI

Prepare everything in Excel or whatever and then use text functions to create the script. Or any other text processing tool of your preference. I once had to move over about 100 DHCP leases based on Mac address from Win DHCP server to RB5009 and used that approach via Excel. Export from MS Windows D...
by holvoetn
Mon Dec 02, 2024 12:45 pm
Forum: Wireless Networking
Topic: "not responding" - f.k.a. SA Query timeout
Replies: 286
Views: 46271

Re: "not responding" - f.k.a. SA Query timeout

@gjmelena
And your point is ?? It's not really clear from your post.

PS I always use create enabled on capsman provisioning, simply to avoid numbers creeping up whenever a reboot/reconnect happens for whatever reason.
by holvoetn
Mon Dec 02, 2024 12:42 pm
Forum: General
Topic: Wireguard is blocked by ISP any other solution
Replies: 20
Views: 1921

Re: Wireguard is blocked by ISP any other solution

Or change ISP ?
A party blocking VPN is not worth to receive your money.
by holvoetn
Mon Dec 02, 2024 12:22 pm
Forum: Wireless Networking
Topic: Cap to cap connection
Replies: 7
Views: 582

Re: Cap to cap connection

Yes, the second device is wired to the capsman. Now you are contradicting yourself :D Either it is directly connected and then there is no issue. Or it is daisy-chained (controller wired to cap wired to 2nd cap) in which case there should not be a problem either if that first cap is in full bridged...
by holvoetn
Mon Dec 02, 2024 11:50 am
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1630
Views: 434448

Re: 📣 WinBox 4 is here 📣

Please implemnt column vertical divider lines as it's much easier to read data and recognize where one info ends and a new one starts.
Agree.

On Windows 11 you can't really see it unless you start hovering over the area with your mouse. Inefficient.
by holvoetn
Sun Dec 01, 2024 7:18 pm
Forum: Wireless Networking
Topic: Frequency control
Replies: 3
Views: 428

Re: Frequency control

Configure 2GHz radio and leave 5GHz as it is ...
by holvoetn
Sun Dec 01, 2024 5:41 pm
Forum: Wireless Networking
Topic: Advice please hardware/Wifi/Wireless/CapsMan/VLAN confusion
Replies: 17
Views: 2244

Re: Advice please hardware/Wifi/Wireless/CapsMan/VLAN confusion

Vlan and qcom-ac using capsman is ... special.
With ax it is really easy.
by holvoetn
Sun Dec 01, 2024 3:55 pm
Forum: Wireless Networking
Topic: Advice please hardware/Wifi/Wireless/CapsMan/VLAN confusion
Replies: 17
Views: 2244

Re: Advice please hardware/Wifi/Wireless/CapsMan/VLAN confusion

No, you do not have to use VLAN.

If you setup devices separately, you can use this approach on each.
https://tangentsoft.com/mikrotik/wiki?n ... ns%20VLANs

But to be honest, once you get how vlans work, they make things easier.
by holvoetn
Sun Dec 01, 2024 2:28 pm
Forum: Wireless Networking
Topic: how to add virtual wifi?
Replies: 4
Views: 509

Re: how to add virtual wifi?

And the solution is ?
Might help others having the same issue as you...
by holvoetn
Sun Dec 01, 2024 2:20 pm
Forum: Beginner Basics
Topic: CHECK MY CONFIGURATION
Replies: 3
Views: 508

Re: CHECK MY CONFIGURATION

First, please have a look at the
code
tag. That makes it easier to read configs.
Fixed.
by holvoetn
Sun Dec 01, 2024 2:11 pm
Forum: Wireless Networking
Topic: Advice please hardware/Wifi/Wireless/CapsMan/VLAN confusion
Replies: 17
Views: 2244

Re: Advice please hardware/Wifi/Wireless/CapsMan/VLAN confusion

1- Your choice. See later. 2- wifi is using qcom drivers. Wireless is using MT own developed drivers. With arrival of AX line, MT decided to use qcom drivers. qcom-ac was also made to get wave2 compatibility for older HW having compatible chipsets. 3- Who knows ? :D 4- It just has been redone with w...
by holvoetn
Sun Dec 01, 2024 12:58 pm
Forum: Beginner Basics
Topic: Forward chain "drop all else"- counter is zero
Replies: 10
Views: 998

Re: Forward chain "drop all else"- counter is zero

It doesn't harm, true.

But if everything is already handled before, it doesn't make sense. That's all.
by holvoetn
Sun Dec 01, 2024 12:33 pm
Forum: Beginner Basics
Topic: help with DHCP on VLAN
Replies: 5
Views: 698

Re: help with DHCP on VLAN

Not sure where to start, quite a bit of things which are off. You may want to start reading this excellent tutorial on setting up VLAN: https://forum.mikrotik.com/viewtopic.php?t=143620 Where is the firewall ? Where is DHCP server for the rest of your network ? Where is address assignments for route...
by holvoetn
Sun Dec 01, 2024 10:47 am
Forum: Beginner Basics
Topic: Forward chain "drop all else"- counter is zero
Replies: 10
Views: 998

Re: Forward chain "drop all else"- counter is zero

Simple explanation. The rule doesn't get hit. As a test, disable the forward, invalid rule. See what happens. It's not because a rule doesn't count it is not working. It simply means all the rest before, catches everything before it gets there. But in default firewall, that specific combination is n...
by holvoetn
Sun Dec 01, 2024 10:45 am
Forum: General
Topic: FOR THE LOVE OF "DEITY OF CHOICE" FIX YOUR FRIGGEN (forum) WEBSITE [SOLVED]
Replies: 95
Views: 8942

Re: FOR THE LOVE OF "DEITY OF CHOICE" FIX YOUR FRIGGEN (forum) WEBSITE [SOLVED]

And now all notifications from the past weeks are coming through :shock:
by holvoetn
Sat Nov 30, 2024 11:08 pm
Forum: Wireless Networking
Topic: how to add virtual wifi?
Replies: 4
Views: 509

Re: how to add virtual wifi?

And where is the virtual wifi in that config ??

If you add it again, don't forget to attach it to bridge.
by holvoetn
Sat Nov 30, 2024 11:05 pm
Forum: General
Topic: am i using SOHO Firewall or not?
Replies: 38
Views: 3563

Re: am i using SOHO Firewall or not?

Netinstall
Start from default
Learn.
by holvoetn
Sat Nov 30, 2024 11:05 pm
Forum: Beginner Basics
Topic: Hex capsman
Replies: 5
Views: 538

Re: Hex capsman

Yes, for managing wave2 radios it is already there.
by holvoetn
Sat Nov 30, 2024 11:04 pm
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 264
Views: 86345

Re: v7.17rc [testing] is released!

That container thing I saw as well.
Luckily it was pretty straightforward to bring them back to life.
by holvoetn
Sat Nov 30, 2024 8:47 pm
Forum: Wireless Networking
Topic: Cap to cap connection
Replies: 7
Views: 582

Re: Cap to cap connection

As long as the second device gets sufficient power and it can " see" capsman controller network-wise, no problem.
by holvoetn
Sat Nov 30, 2024 7:31 pm
Forum: Beginner Basics
Topic: Hex capsman
Replies: 5
Views: 538

Re: Hex capsman

IF , and that's intentionally in capitals, AC3 uses wifi-qcom-ac drivers.
Then wave2 capsman will work on hex.

If AC3 still uses legacy wireless, you need to load wireless package as well on Hex but storage space might become very restricted.
by holvoetn
Sat Nov 30, 2024 4:13 pm
Forum: General
Topic: am i using SOHO Firewall or not?
Replies: 38
Views: 3563

Re: am i using SOHO Firewall or not?

That would be my take as well.
Given the inexperience of the user, no offense intented, it's best to start from default with a netinstalled device.
by holvoetn
Sat Nov 30, 2024 10:54 am
Forum: General
Topic: am i using SOHO Firewall or not?
Replies: 38
Views: 3563

Re: am i using SOHO Firewall or not?

Looks like someone emptied that firewall.
I hope you haven't got it connected to a WAN interface ?
by holvoetn
Fri Nov 29, 2024 8:37 pm
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 264
Views: 86345

Re: v7.17rc [testing] is released!

Well, that planned netinstall came earlier then expected.
Wanted to partition my device for future mishaps. Completely bricked.

Luckily I had an export from 3 days ago. Biggest problem was getting netinstall to work (after some attempts with Windows. I used container on AX3, first time right).
by holvoetn
Fri Nov 29, 2024 8:01 pm
Forum: Beginner Basics
Topic: Just updated mAP firmware and now it's broke
Replies: 4
Views: 654

Re: Just updated mAP firmware and now it's broke

As of 7.13 wireless or wifi-qcom, depending on your device, is a separate package.

I have a couple of mAP devices running just fine with ROS7 incl wireguard and IPSEC tunnels.
by holvoetn
Fri Nov 29, 2024 5:55 pm
Forum: Wireless Networking
Topic: CAPsMAN and VLAN filtering
Replies: 5
Views: 580

Re: CAPsMAN and VLAN filtering

And still you don't answer all questions... ether4 on RB5009 to the swith. ether10 and ether12 from the switch to CAP devices. Which incoming port on the switch ? From your switch config I see there is a trunk specified for ether1 and 12 for VLANs 20 and 30. /interface bridge vlan add bridge=bridge ...
by holvoetn
Fri Nov 29, 2024 5:07 pm
Forum: Wireless Networking
Topic: CAPsMAN and VLAN filtering
Replies: 5
Views: 580

Re: CAPsMAN and VLAN filtering

You did not specify which is the port from your RB5009 going to the switch ?
Which port on the switch does it come in ?

Which ports on switch are feeding CAP devices ?

Also, it is generally advised NOT to use VLAN1. Use VLAN all the way or don't use it all.
by holvoetn
Fri Nov 29, 2024 11:16 am
Forum: Wireless Networking
Topic: CAPsMAN and VLAN filtering
Replies: 5
Views: 580

Re: CAPsMAN and VLAN filtering

You do not specify which router, which switch, which APs (capsman behavior w.r.t. VLAN is quite different when talking about legacy wireless or wave2 wifi) You do not specify how things are connected. And you do not show your config, what you already tried. So I doubt anyone can have a clue, without...
by holvoetn
Fri Nov 29, 2024 11:06 am
Forum: General
Topic: how to create a master port on crs
Replies: 4
Views: 589

Re: how to create a master port on crs

Errmm ... that's an article from 2014 ?!
by holvoetn
Fri Nov 29, 2024 11:03 am
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 264
Views: 86345

Re: v7.17rc [testing] is released!

... something weird happened in 7.17RC...
Really ?
viewtopic.php?p=1111415#p1111415
by holvoetn
Fri Nov 29, 2024 6:54 am
Forum: Wireless Networking
Topic: Capsman update mechanism
Replies: 1
Views: 358

Re: Capsman update mechanism

Has been a while since I used "old" capsman but I assume it still works more or less the same with the wave2 version. When updating, it's started all at once. And since all package files then need to come from your controller, it may feel like it takes more time since you may create a bott...
by holvoetn
Thu Nov 28, 2024 6:31 pm
Forum: General
Topic: LTE Interface Problems in OS 7.16.1
Replies: 3
Views: 542

Re: LTE Interface Problems in OS 7.16.1

I've seen LTE interface disappear due to FW crash on modem (FW bug on AX Lite LTE with FG621-EA modem, some versions ago). You could recreate it but it vanishes again shortly after creating (when the crash happens again). But this should show in logs. It might be possible you have to go back to ROS ...
by holvoetn
Thu Nov 28, 2024 5:35 pm
Forum: Virtualization
Topic: Are there prebuilt Linux Images for Metarouter? (OpenWrt or other Linux distros)
Replies: 2
Views: 492

Re: Are there prebuilt Linux Images for Metarouter? (OpenWrt or other Linux distros)

To make it simple;
Requirements
Container package is compatible with arm arm64 and x86 architectures. Using of remote-image (similar to docker pull) functionality requires a lot of free space in main memory, 16MB SPI flash boards may use pre-build images on USB or other disk media.
by holvoetn
Thu Nov 28, 2024 1:20 pm
Forum: General
Topic: How to block webpages by URL?
Replies: 5
Views: 726

Re: How to block webpages by URL?

Use external devices more suited for this type of action (and those usually come with a HEAVY price tag).
Not L7 filters on Mikrotik.
by holvoetn
Thu Nov 28, 2024 11:00 am
Forum: Beginner Basics
Topic: im begginer and i have hex refresh
Replies: 5
Views: 642

Re: im begginer and i have hex refresh

Are you expecting us to make your config ?
You may as well ask ChatGPT, who knows what comes out given the limited info you provided.

First show what you already did yourself and you need to describe in a lot more detail what's needed where.
by holvoetn
Thu Nov 28, 2024 9:54 am
Forum: Beginner Basics
Topic: multple vlans same dhcp subnet
Replies: 4
Views: 658

Re: multple vlans same dhcp subnet

For starters ... why create 2 VLANs yet overlapping subnets ? Use 192.168.0.0/24 for first vlan Use 192.168.1.0/24 for second vlan Much easier. You may want to read this nice tutorial: https://forum.mikrotik.com/viewtopic.php?t=143620 Secondly: supout should NEVER be posted here. Only communicated t...
by holvoetn
Wed Nov 27, 2024 10:24 pm
Forum: Wireless Networking
Topic: Any reason not use 20Mhz channel on AX devices, if stability is preferred over max speed?
Replies: 11
Views: 1956

Re: Any reason not use 20Mhz channel on AX devices, if stability is preferred over max speed?

Even for 5GHz I use 20MHz in that setup. All cAP AX and AX3 devices. Stable as a house AND more options to stay on below-DFS channels (scanners in use there don't support higher channels so I had to cut down channel width to create more possibilities to avoid overlaps). That one higher channel is fo...
by holvoetn
Wed Nov 27, 2024 10:12 pm
Forum: Beginner Basics
Topic: routing in mikrotik
Replies: 3
Views: 510

Re: routing in mikrotik

Moved to beginner basics 8)
by holvoetn
Wed Nov 27, 2024 10:12 pm
Forum: Wireless Networking
Topic: Plain 802.11-an better then NV2!
Replies: 13
Views: 6370

Re: Plain 802.11-an better then NV2!

You do know that was a response to a 6-year old thread ??
by holvoetn
Wed Nov 27, 2024 8:00 pm
Forum: Beginner Basics
Topic: routing in mikrotik
Replies: 3
Views: 510

Re: routing in mikrotik

Add route for subnet using gateway where it needs to go to.

So ... routing.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 24