Hello all, I am wondering about the following and I have not been able to find an answer. Assume a Mikrotik router with three IP's - two are static, and the third is DHCP. My question is, which of the three WAN IP addresses will be attached as the "main" connection in the routing table? I ...

I got my answer, pretty quick, via email from support@mikrotik.com. Thanks for the quick response! "Hello, Thank you for contacting MikroTik Support. This setting from app does not work at the moment, please use winbox for configuration. This will be fixed in the future. Best regards, Oskars K....

Hi all, in what board should I report a bug in the iOS mobile Mikrotik app? If here is OK, here's what I encounter. I get access to a router from my up-to-date iOS device with the latest version of the Mikrotik app, while using a Wireguard VPN. So far, so good. I then want to add another peer, and u...

Nevermind... my error of course. Typo in IP addressing. Port is working just fine. Thanks for looking and trying to help out.

Thanks, I have no bridges set up.

Any other suggestions?

I have an RB2011IsAS-RM to play with. I was hoping to set eth10 as my management access port, but I have a feeling it's dead. Setting an IP address, DHCP etc works fine, but I can't connect to the board through this NIC. I know it's a PoE out port, and I've disabled that feature since I won't need i...

Weeeeeell... Had some more time to play with the setup. And sure enough - user error. The cause of the issue had nothing to do with Mikrotik, or Proxmox. I simply didn't implement the Proxmox environment properly in my lab. Lesson learned. Don't go by memory, rush through it and instead pay attentio...

Perhaps. I used Proxmox in the past with OPnsense and did not have to do anything special with Proxmox or its Linux bridges. I assumed I would find the same with a CHR instance. I can’t find a lot of documentation on “initial setup” for CHR, only how to install it or upgrade the license. The fact th...

I am trying to get a lab setup going with CHR. I was able to successfully load a CHR (v 7.6) VM in Proxmox (v7.3-3), and added 5 NICs as bridges linked to the onboard NIC and a 4-port NIC card. So far, so good. The VM shows the NICs and all necessary pieces. It boots up just fine. I can connect to C...

Well, good news, the app was available this morning.

Not sure what changed but it is now installed on my phone.

Thanks all.

I saw that winbox alternative. Not keen on installing it, unless it turns out is the ONLY option. Sigh...

Well, glad it's not me being dumb...
Updated the title of post, maybe it will attract the attention of the right people. Thanks!

It would help if you provide info what region is your region. No need to advertise an exact address just country

Dang... posted this after a looong day. I'm in Canada.

Hi forum, not sure where this question best fits. I just switched from Android to iOs and when I want to grab the Winbox app via the link from Mikrotik website I get a popup that this app is not currently available in my country or region. Is this a Mikrotik problem, App store problem or a "me&...

Thank you, Buckeye, you make some valid points. I especially like the idea of being able to free up a port on the switch and move the Pi to port on the MT.

I'll look into it.

Hi all, "OP" here again... I posted my current config a few posts above this one, and tbh, when I read ^: "... OP, using v7, is correct to use bridge vlan filtering,.." I must admit that I am not aware if I am indeed using bridge vlan filtering, or not. I 'think' not, since I hav...

Hello again. Finally - had time again to revisit my firewall. This is what I have now. The good news - the major stuff is working. I haven't spent time yet on getting my Wireguard VPN working, but that's not a big issue at the moment. What I AM happy about is that I figured out how to implement fire...

So let me get this straight the topology is ISP modem --------> Router1 -------> Switch --------->MT DEVICE/Router Where Router 1, only handles IP DHCP client aspect of routing then carries traffic to switch and then to MT Device on a private subnet IP. Switch (lets say 24 port) - Gets internet on ...

^ This is correct. Now, what I would like to accomplish is to disable the inter VLAN routing... and while I'm working on the security aspect of the router, I will also need to figure out how to achieve the rest of my requirements. See first post. Fun and games...

Thank you both for your input, and sense of humour! I have less time than I would like to study everything as I should, but I'm plugging away at it when I have time. I also found this thread - https://forum.mikrotik.com/viewtopic.php?t=153581 - where you both imparted additional wisdom. Rest assured...

Hello Anav and mkx, Thank you both for your input. Lots to read and review in what you presented to me. I'm right away struck by the seemingly different approaches. mkx writes "Y ou only have to use bridge if you want to use RB750Gr3 in a switch-like fashion " whereas Anav seems to recomme...

Thanks, I'll take a good look at that, maybe later today or evening.

Thank you for the quick response. "only VLAN 10 is protected from others" - I understand. This rule does nothing to prevent traffic between VLANs 20 - 50. The "drop all" rule concept at the end, and add allowed traffic above it is logic and seems practical, however, I do also hav...

Hello forum, and Happy New Year For a while I've been playing with a MT RB750GR3, running 7.1. I've managed to get an IPSEC VPN going for my IP phone to connect to the office and I was able to get a Wireguard VPN going that still needs some work, but that is not my concern at the moment. Since I onl...

Search is your friend, but no guarantees of success. Depending upon your business you want to invest in a router with more horsepower (5009) for example. Wireguard works well and is relatively simple to implement and is now available on 7.1. Also with 7.1,,,,,,,,,,,,,, VPN ---------------------- !)...

A complete guide to set up you-name-it providing for all the possible situations you may encounter in any other than out-of-the-box configuration would be about equal to a complete RouterOS manual: the mutual order of firewall rules matters, so not knowing the initial state of the firewall means th...

Hello, I have a working IPSEC VPN set up on RB750Gr3 running 6.49.1 for an IP phone connecting to PBX at head office. Now, I would like to add a VPN server on the RB, to allow road warrior access to an internal network. It seems that a complete (!) how-to for either setting up OPENVPN or L2TP with I...

Hello, did you get this resolved? I have the same log output in my OPNVPN (Windows10) client. So far, I have not found out what the cause of the issue is and would like to know as well.

In IP/Firewall/Raw add a rule with source as your VPN pool and destination as your PBX IP in prerouting chain and with action no track. Copy the rule and reverse source with destination. @inteq - your solution worked for me. I'm not any the wiser as to why this rule works the way it does, but it so...

(admins - how can I delete an empty post?)

Hello forum, Recently bought a Hex, RB750GR3, to play around with in hopes of it replacing a power hungry PC that runs OPNsense. In my current setup I don't have VLANs configured, but would like to change that up, just because I can - but should I ??? Read on... My reasons are twofold - for the lear...