Hi,
Trying around with 802.1x, too. User-Manager does not seem to support any needed TLS method.
Maybe in future?

regards

Hi

Did you manage to get this scenario to work?

Thanks for a reply

really frustrating topic, nothing's really working. I'm going to get in touch with the support team, maybe they've got an idea,

regards,

redflag237

push

Okay solved right now.
It was that stupid kind of testing error

Proposals only gets active when according traffic is being sent.

Regards,

redflag237

Hi,

I've made a new ScreenShot, maybe my information was not enough for debug.
Can someone help me, please?

Dear all, I am receiving UDP attack on port 53 for reference snapshot is attached right now for this i am using drop rule but problem is that my router is continuously dropping packets since last night and still doing this i dont know why this attack is not finished yet and what kind of attack is t...

Hi we have a network with one corerouter 2800 GS (6.6 x86) and 4 mikrowan mw6025n (RB433GL mipsbe 6.7) internet enter in corerouter and it connected to 2 of mikrowans used for deploy hotspot. I want to control bandwith usage in whole network. i wondered if we can control it distrbuted or it must be...

Hi, You need a Queue Tree for that. Create a Main Tree, Prio 1. Then Create Child Queues for each Traffic Class you want. For the Main Queue select an PCQ type, select small queues for the childs. Traffic Classification is done by Packet-Marks. PreRouting-Chain is used for the WAN-Upload, PostRoutin...

How do you want to identify your PCs - by IP, MAC, By LAN Port?

I have 40 static ips in my metwork from my ISP. In two of them i discovered this problem, two days now. UDP flood are from different addresses and different ports. Why is this ruleset not working? What is running behind your router... Webserver? In case of any Webservers, i would recommend you to s...

Hi, I really don't unterstand your answers. Could you write more than 3 words, please? Write in your native language if you think it's better - i can use Google Translator. If it behaves live the normal IPSec that i know, Packets are dropped , if the ISAKMP/SA cannot find any matching Pair of IP Adr...

Hi, Okay as i understood, situation now is: - Public IP of your RB750 has now changed due to this direct pptp tunnel stuff - IPSec Server IP hasn't changed. As usual for IPSec needs, there is a Policy defined somewhere, which tells Traffic from x to y to allow for transport. Find it and change it t...

Hi, Okay as i understood, situation now is: - Public IP of your RB750 has now changed due to this direct pptp tunnel stuff - IPSec Server IP hasn't changed. As usual for IPSec needs, there is a Policy defined somewhere, which tells Traffic from x to y to allow for transport. Find it and change it to...

Hi, What about mangle rules? Drop packets with source Mac 00:00:00:00:00:00, that's easy ;-) DHCP Requests are sent as UDP Broadcast to 255.255.255.255, as i remember. Please double-check it before apply it. Also, you could rate-limit DHCP-Requests with an input-rule. Also, you should review the lea...

Hi, I have two MT Routers, first is 2011UAL ROS6.7, second one is 951G-2HnD ROS6.7. Tried to Setup IPSec Tunnel as follows: Device One Peer: 1.1.1.2/24:500, Main Mode, aes-128/sha1, pfs modp2048, proposal check obey, 1d lifetime, 60s dpd. Authentication is RSA Keys. Proposal: aes-128/sha1, pfs modp1...

Could you please give some more informations?
e.g. Subnets, your IPSec config and Routes are needed to answer your question.

Regards,

redflag347

Thank you redflag! Can you suggest one SPF module to me? We are going to get a IRU from an Italian highways company. We now don't know anything specification about fiber cable but for sure is good cable. sure, have a look at this ones: http://www.finisar.com/products/optical-modules/sfp/FTLF1519P1x...

Take a look at the Layer2-Switching Capabilities of your Mikrotik Device, maybe this is enough your your needs.

Have a look at some fiber shops. Which country are you asking for? The Limit is, at very first, the SPF Module. Secondly, at such long distances, the cable quality is important. Take good quality (!!!) Single-Mode Duplex Cable, select the the ones for long wavelength (~1300nm as i remember). Most of...

Hi, I'm using multiple Gateways in my Default Gateway (ECMP Routing). There es an IPSec Tunnel that Connects to a branch location by DynDNS. It Should use WAN1 for this. The Policy is configured with the Public IPs of WAN1 and branch location. Both IPs are entered to the Polity SA Adresses with Tunn...

HI lbenzo,

Please review the basics of your IKE Policies. Have you whitelisted them to pass? I'm pretty sure you haven't.
What about switching to a Layer-2 VPN Solution using OpenVPN - i don't know your skill grade regarding IPSec, while OpenVPN is mostly failsafe.

Best regards,

redflag237