Well, that did it. The real problem here is that my 71 year old eyes had a tough time reading the small print that came with the new router. It clearly said the "local network computers to the other ports". Thanks.

I've setup at least 10 MikroTik routers or switches. They all "just work" without a problem. But, I can't get the newest one to work. The newest (problem) unit is a RB2011UiAS-2HnD-IN that is connected v1a ETH1 to an already established hAP lite. After powering up the problem unit display ...

Got it. I also should've asked, have you tried using a different PC? If yes, then the next step might be to try reinstalling RouterOS using Netinstall... https://wiki.mikrotik.com/wiki/Manual:Netinstall Failing that, maybe the hAP device is defective. Regards, John Thanks. Turns out that it's the p...

Yes, I get the same behavior with WebFig and accessing via a ethernet connection.

I'm trying to configure my hAP lite to be a wireless AP on my network. I did a factory reset and could occasionally connect to to it via the WLAN MAC using WinBox. It would disconnect and then WinBox wouldn't be able to reconnect for multiple attempts. Then, finally it would connect but then disconn...

We'll have to wait and see what the developers had in mind. But, I'm guessing that their intent is that to-ports should be stored if it were ever specified and would then be used if it were appropriate. (It's a bug that to-ports are used for masquerading). This is the way I would design the system. ...

The potential bug you found is definately a possiblity. Try this, like I did, to see more: On the rule that you copied, and is now a masq rule with no to-ports listed... change it back to dst-nat and you will see that it STILL HAS YOUR OLD DST-NAT TO-PORT VALUES LISTED!!! So, the masq rule is defin...

you sure this is a bug? i think you should be allowed to masq ports on the way out to a specific range, ie; 40000-65535 only ... the default is 0-65535 and you can just limit the src range to something smaller if you want. Not sure that I agree. But, then, I'm not expert enough to disagree. But, th...

I've discovered a bug that causes masquerading to not work properly. It happens when the NAT rule to-ports property has been set and the action property is masquerade. In this situation the to-ports is used when it should be ignored by masquerading. I.e. masquerading should use the original port. Th...

It goes to the input chain because the dst-address is an IP that is local to the router. You haven't described your topology in great detail. But, I would assume you're looking for this. http://wiki.mikrotik.com/wiki/Hairpin_NAT Thanks, I had seen http://wiki.mikrotik.com/wiki/Hairpin_NAT but that ...

I'm looking at http://wiki.mikrotik.com/wiki/Packet_Flow#Diagram Layer 3 diagram. I'm trying to figure out why a routing decision is made to move a particular packet from the Prerouting to Input instead of Forward. The general topology is LAN <--> RB450G <--> ISP with a PPPoE connection to the ISP. ...