Hm. when did you do it? (I'm just courious, wether we need to wait years, or will this e fixed soon?)

Hi all. I have a Mikrotik RB495 with 6.12 software. I have a 1Tbyte ext3 USB drive attached this Mikrotik. We share this using SAMBA on the LAN, it works just perfect. But now we need to implement an FTP backup solution for a 3rdparty entity (a separate company needs to log in the router and downloa...

Hi all. I have several mikrotiks and several employees who are administering them. In the logs I can see who logs in and when, but is there any way to record ANY command issued from a WINBOX, SSH, or TELNET session on the routerboard itself? I'd need to see who did and what on a specific system. It ...

/export is working, but reverting back the config is pain in the ass (even on default config, it stops several times, for example at /users, /store, etc...). And it does not restores logs... But anyway I have the config now, so users are happy, but I'm still in doubt. My question is still alive. I'm...

Hi all! I have a problem with a mikrotik 450g, using routeros4.6. A lightning has just strike ALL the ethernet ports, they are unuseable, they show link even if there is no cable plugged. The sad fact is, that I did not have a backup of the configuration, wich is quite compilcated. I can connect to ...

I agree in a need of tftp server. In several cases it is a very good feature, for example when deploying voip systems: avaya telephones needs a tftp serve rfor every boot, they take firmware and config from. And since avaya is a closed system, the phones cnnot use http, ftp or other protocol. tftp o...

Damn, yes. SCP. why didn't I realize it till now?

Thanx for the help! Sorry, it was a dumb question.

Hy all! Is it possible to use FTPS or FTPES or any other form of secure FTP connection with routerboard? I'm sending daily backups of my boards to a central ftp, but I don't want the intermediate ISPs to be able to sniff that information. Is there any way to secure this communicaton? What do you guy...

oooo... thanx! that's sooo simple.

Where can I find that exactlly?

Hy there. I wonder if the following is possible: I want to close each and every tcp connection if they are established for more than 2 hours. I don't want to disallow users to reconnect, I only want to shut down that connection, so forcing users to reconnect. Yes I know that download managers can re...

hmm... By using the Packet Sniffer, I can see packet coming to eth9-out and then NET bridge, but ccannot see the output interface. Other interresting thing, I've tried to filter the incming if or bridge port. With ncoming if and br the rule was working, but not with output...

I'm already running rc5. Hm. I do not have "out-bridge" in the options. I have only out/in-bridge-port and out/in-interface. Are you using the "/ip firewall filter" section? Is there a possible incompatibility btw 2.9 and 3.0 of processing the rules? I'm using the standard ip->fi...

Anyway in the input table filtering based on bride port is working. but in forward table it is not. I belive it is a bug.

here, I've just not copied it in: /interface bridge print Flags: X - disabled, R - running 0 R name="NET" mtu=1500 arp=enabled mac-address=00:0C:42:02:2D:59 protocol-mode=none priority=0x8000 auto-mac=yes admin-mac=00:00:00:00:00:00 max-message-age=20s forward-delay=15s transmit-hold-count...

Ok. retry.

0 ;;; LOG ENTRY
chain=forward action=log dst-address=IP dst-port=2222
protocol=tcp out-bridge-port=eth6-NK_MAIL log-prefix="SSHLOG-"


No match.

If I setup the rule like this: 23 ;;; LOG ENTRY chain=forward action=log dst-address=IP in-interface=NET out-interface=NET dst-port=2222 protocol=tcp log-prefix="LOG-" so not dealing with bridge ports in the advanced menu, but only using standard interface names and matching the BRIDGE nam...

Ok. Let's start to play again: 23 ;;; LOG ENTRY chain=forward action=log dst-address=IP dst-port=2222 protocol=tcp log-prefix="LOG-" If I telnet to this port with the given IP, it is working. I can see tha packet: log entry says: in:NET, out:NET, proto TCP, etc... I've added the interface ...

If you check my reply, you can see, that I have enabled it.

interface bridge settings> print
use-ip-firewall: yes
use-ip-firewall-for-vlan: no

Hy all! I've upgraded a site, wich uses a 6port bridge and a 2port bridge, bridging ethernet interfaces only. One bridge for servers, and one bridge for network access. I was using 2.9, but because a hw upgrade I was in a neddd to support 2 CPUs and gigabit ethernet cards that had no support in 2.9....

thank you for the answers, RADIUS and ARPing seems to be a good idea! I give them a try. Mikrotik does not support dynamic firewall rules like cisco for example? For example creating a dynamic list based on leases for example in every x seconds. Will the firewall rule that is assigned to it (source-...

Hy all! I'd like to achieve the following: On a private wired ethernet network, I'd use DHCP for clients, all clients are static, so every time a client being connected it would be given the same IP based on it's mac address... In the firewall I'd like to let ONLY those clients through whom connecte...

Hy all! I have a linksys wireless pci card (108Mbps speed, B/G), but it is not recognised by routerboard. It has a specific chipset? If it has, may I get support for this card in future releases?

THANX!

Hy all! I'm relatively new to routeros! It's a great stuff! But I could not find a way changing it's FTP server, SSH server or WINBOX listening port. I'm receiving huge amount of SSH try attacks (most of them caused by scripts and viruses from internet) on the default 22 port, and I'd prefer moving ...