still no luck so far...

Hi there, We have a site in Shanghai. In China, OpenVPN is blocked. AFAIK it's the initial handshake part that has been blocked. SSTP works in China, but SSTP is very slow (I think this is a Mikrotik issue). I am thinking to send OpenVPN handshake packet via SSTP and rest of the OpenVPN not via SSTP...

Requirement: router to receive wifi (as WAN interface), then the router connects to VPN server as VPN client, then share it via wifi again (as an AP) so that all client/devices (wirelessly) connected to this Mikrotik AP would have automatic VPN access. Does it need two radio to do it? Can any of the...

/ip route add dst-address=<pptp server IP> gateway=<your WAN interface or gateway IP> /ip route add dst-address=<sstp server IP> gateway=<PPTP interface or remote IP> /ip route add gateway=<SSTP interface or remote IP> This would be the easiest way to do it without any mangle rules, if you aren't w...

Yes it's possible - Just route your SSTP tunnel down the PPTP interface.
Not sure I'd recommend it though!

Thanks for getting back to me~

in /IP route, gateway I select PPTP, but then how/where do I select SSTP tunnel?

or should this be done at other place?

I'd like to run a SSTP session within a PPTP session. Had a look at /ip route, doesn't look like there is a way doing it there. Had a look at mangle, perhaps that's where I can redirect the packets, but prerouting chain cannot use output interface as a condition. So I am out of ideas... Anyone could...

that's what i did, and actually after seeing your reply confirming the method, i had a second look at it.

well, i made a mistake of thinking that i had mangled it with routing mark (which i forgot to do...) that's why it wasn't routing it as expected.

thanks for the help~~

Hello, Can I somehow force my RB2011's DNS server to resolve IP via VPN? I've got VPN running, and have forced all traffic to 8.8.8.8 via VPN, but when I checked using the built-in traceroute, it is not going via VPN. It seems /ip route and mangle only works for devices connected to my RB2011, and R...

ok after playing around with it, finally had it working address 212.x.x.19, network 195.x.x.1 route dst address 0.0.0.0/0 gateway 195.x.x.1 it was a lucky guess :) ===== one question though, if i move ESXi to be behind this router, then have 195.x.x.9 (first IP) used for another router, CelticComms,...

195.x.x.9 -> First IP 195.x.x.1 -> gateway 255.255.255.255 -> network mask yes i agree and i do think above is incorrect. and when i looked at the ESXi setting, it is showing 255.255.255.0. however that isn't the problem, for now (it should be a problem much later on when i am further changing the n...

Hello, 195.x.x.9 -> First IP 195.x.x.1 -> gateway 255.255.255.255 -> network mask 212.x.x.19 -> Failover IP 195.x.x.1 -> gateway (same as first IP's) 255.255.255.255 -> network mask The first IP is used by ESXi. I am setting mikrotik on the failover IP. Normally I would have 212.x.x.19 in the addres...

interestingly, when i tried it on a different mikrotik router (this is RB751G with v6.6 on it), it worked. it creates two txt files and it updates to no-ip correctly. then i tried it on a RB2011 with v6.7 on it. it worked too. all three mikrotik routers are with about the same settings. definitely s...

in the file it says nohost. then i thought maybe i should manually put 1.1.1.1 in there and see how it works. no luck still. then i triple checked user/pass are correct. then i delete the host.txt file. and something interesting happened. it does not create this host txt file any more. actually, th...

i manually created no-ip_ddns_previousip.txt and put 8.8.8.8 in it. now the log is no longer showing "previous IP ()", but correctly showing "previous IP (8.8.8.8)". however it still doesn't update. and in addition, when i ran again, the log is showing identical previous IP (8.8....

in the file it says nohost. then i thought maybe i should manually put 1.1.1.1 in there and see how it works. no luck still. then i triple checked user/pass are correct. then i delete the host.txt file. and something interesting happened. it does not create this host txt file any more. in case i mes...

i tried it, but it doesn't work for me. i am on RB2011 v6.7 error code that i am getting: "No-IP: Current IP (x.x.x.x) is not equal to previous IP(), update needed" -> that's IP(blank) "No-IP:Sending update for x.myftp.org" no update at the site. ran again, identical error, and i...

Try disabling snmp if you don't need it ... I've seen high management usage in many cases caused by enabled snmp.

JF

is this in ip/snmp? if yes, it's not enabled.

i am a bit worried because i'd be away for a week or two. fingers crossed that nothing happens while i am away.

I am pretty sure you need cert for OpenVPN to work in Mikrotik.

However SSTP, as far as I can remember, can get it to work without certificate.

is this something that i should worry about? and is there a fix for it? i am not sure if this is related but the box was reset with new completely configuration in less than 12 hours ago. and i noticed the very next morning that i suddenly cannot access it via winbox. strangly web access works. when...

i got a RB751G-2HnD here.

not sure what's wrong with it, CPU is 100% flat all the time, and in profile, the CPU is eaten by, roughly, console 40% and management 60%.

really strange. any idea?

I have OpenVPN set up between two sites in two separate countries. When I ping via VPN tunnel (pinging LAN address) the ping is about 350ms. And when I ping the same router directly/externally (pinging WAN address of the router), it's about 80ms. Well, a problem arise today that our internal webpage...

Like I said, give your ether1 (local LAN) interface a IPv6 address inside the pool assigned to you by ISP (2001:B030:xxxx:xxxx::/64) Create a static route for ::/0 towards 2001:B030:xxxx:xxxx::FFFF/64 this is what i have entered: ipv6/address 2001:B030:xxxx:xxxx::/64 on ether1 (that's the LAN port)...

I think the WAN does not need an IP at all. Only our local LAN interface (or bridge). And your static route should than route ::/0 out of your WAN interface or to the IP address you wrote 2001:B030:xxxx:xxxx::FFFF/64. ok on LAN port i set the address to 2001:B030:xxxx:xxxx::FFFF/64 (and later on al...

my WAN is on eth5

LAN is on eth1

i should have had it changed but didn't ha

just want to double check, should i give ROS WAN port 2001:B030:xxxx:xxxx:: or 2001:B030:xxxx:xxxx::1?

and on the gateway should i set it as ::2?

I'm not sure, but what I have done is only configure an IPv6 address on my local bridge, and done DHCP-client on my ISP interface (which is pppoe in my case) Maybe you can give an overview of your connections? The thing I assume is that it is routing to itself now, since ::1 is used as gateway, but...

just want to add that i am pretty sure the IPv6 connection works fine. under win7, it's easy to set it up, i just need to go to the network adaptor setting, in IPv6's property, enter the IP + prefix length + default gateway + dns, that's all. i am sure this must be fairly simple to setup in RouterOS...

hello, i've been trying to get IPv6 working on my x86 router, and so far have no success my connection is IPoE, not PPPoE. if i am to set up IPv4 connection, i put the IPv4 ip into ip/address, then set up gateway in ip/route. so i'd assume the same for setting up IPv6. and if i am reading the correc...

dear deejayq, you are the man! yes that fixed my problem!!

could anyone help? i think this is really a newbie question

Hi there, I have done my queue tree + mangle and when i run it all seems to work except incoming packets (prerouting) have been marked as outgoing parket hence going into the wrong queue tree. After investigation, under firewall connections, I found something strange: PC A - local 192.168.0.0 addres...

I recently bought an entry level unit RB750 to play around. I have no previous experience on RouterOS and this looks quite different to everything else I have played before :) Currently I have linux based routers (IPfire and PFsense). I intend to keep PFsense and let it do everything (WAN + DHCP + s...