One of the Polish TV provider gives Multiroom TV feature where you pay for additional set-top box a lot less. The problem is - set-top boxes communicate to each other and exchange keys. Provider says - set-top boxes needs to be on the same network (subnet) to this feature to work. I have two remote ...
Hi I'm using for 2 years SSTP with certs - works fine. But it's TCP. Few users have unstable connections at their end and we have frequent drops when they are using RDP. So we set up IKEv2. IKEv2 set up based on: https://wiki.mikrotik.com/wiki/Manual:IP/IPsec#Road_Warrior_setup_using_IKEv2_with_RSA_...
Slave is mounted to the window sill and this is the only way - house owner do not allow us to mount it in any other way. I mounted it using quickmount pro, but I'll try to mount it using quickmount pro lhg - it should be in correct position. https://viva-telecom.org/images/MIKROTIK/quickmount-pro-lh...
Need your advice. I just installed wAP60g kit but horizontally. Left is MASTER, right is SLAVE. Is this supported? Should I cover any holes where water could potentially leak? With what? Silicone? Anyway, it works well. Even with heavy rain - and I mean heavy as fcuk. https://i.imgur.com/reh5Ron.jpg...
Need a little help my friends from another land. Got site A and site B. Site A has it's own Internet, DHCP server running on RB2011 (192.168.10.0/24). Site B has it's own Internet, DHCP server running on RB2011 (192.168.20.0/24). Both sites are connected using IPSec - runs great for 2 years (site B ...
Hi I need to connect two sites with RBwAPG-60ad kit. "Client" window is about 3m higher than "Server" window. I'm going to mount both on poles. How can I adjust the position of both RBwAPG-60ad on pole. It'll be my first mounting outside so yeah I'm unexperienced. Stock mounting ...
Tried almost every combination, no go. Hmm, there is a problem with two laptops and both have Intel WiFi/Bluetooth cards. But, I reinstalled 4-5 revision of WiFi drivers and still no go. Im lost.
Hi there I have a RB2011 and Intel 8260 Intel WiFi card in laptop. After I upgraded to 6.41 software along with 6.41 firmware - LOG gets flooded with this messages: https://i.imgur.com/nSrcrh5.png https://i.imgur.com/QIJWE34.jpg Lately (3-4 days) I've been downloading a lot of data ~ 300GB - 500GB a...
Yeah, I'm going to stick with "fans" version, If there is problem with high pitch noise (well, if someone here will cry becasue of it) I'll repleace stock fans with:
Hmm, the PC model can also be attached to RACK and also has redundant power supplies (POE and DC) though. Hmm, dunno, I'll probably go with "with fans" option.
lotnybartek, eddieb - Send supout file from 6.40.4 which would be generated after problem has appeared to support@mikrotik.com and refer to this forum post; Lakis - You did see this tab under "Wireless/Security Profiles" on 6.40.3 version and it disappeared on 6.40.4? I updated to 6.40.4 ...
Problem with SSTP. RB2011 here. I have 22 clients connecting to various services from their homes using SSTP with cert. After upgrading to v6.40.4 I'm able to establish the connection, but for example - I can't RDP to Windows PCs. I can't ping any internal address from my IP pool. After downgrade to...
Below it's a log from RB2011 with DHCP details, still this problem is unresolved. # oct/ 3/2017 20:34:44 by RouterOS 6.40.4 # software id = 6RHL-AT74 # 15:32:44 system,info verified routeros-mipsbe-6.40.4.npk 15:32:47 system,info installed routeros-mipsbe-6.40.4 15:32:48 system,info router rebooted ...
Bump. I tried the same configuration with TP-Link 1043ND with LEDE/LUCI firmware but problem persist. I'm flooded (in RB2011) with: ... offering lease [IP] for [MAC1] to [MAC2] without success ... biuro (name of DHCP server) offering lease 192.168.10.11 for AC:22:0B:95:84:01 (my PC connected using w...
Here is the deal: I have TP-LINK 941 v5 (kind of repeater with AP) (stock firmware) connected to RB2011 using Wifi. Clients connected to TP-LINK 941 v5 get their IP from DHCP on RB2011. This setup worked almost 18 months. Now, my RB2011 is flooded with this message: ... offering lease [IP] for [MAC1...
Wireless repeaters almost always split speed in half - because they have one radio - so they receive and transmit with the same radio. What is the situation with wAP ac? It has two radios. Is it possible to set it up as wireless repeater that receive and transmit with full speed?
For some weird reason, enabling IP-->DNS-->Allow Remote Request, makes HBO GO works again on WiFi . After disabling it, HBO GO stops working. I don't know how to explain this, on wired connection HBO GO works as normal. Now, I need to check if DNS will be abused because of remote requests. Any thoug...
Ok, look what I found so far. HBO GO WORKS LIKE A CHARM WITH WIRED CONNECTION. DOES NOT WORK ON WIFI Test were done using The Sopranos S01E01. First of all, I checked to which IP TV is connecting to while streaming. It's 93.184.221.133:80. This is how connection looks like while streaming video on w...
My bad. It's Mikrotik thats blocking (somehow) HBO GO. I connected TV directly to modem - wifi - modem has router function and everything works like a charm.
RB2011 here. So I've posted similar thread on polish website (a'la Mikrotik forum) but they were unable to help me. So I'm trying here. My gear is: TV: Samsung UE55H6400 - latest firmware, everything is up to date Router: RouterBoard RB2011UAS-2HnD-IN - latest firmware, everything is up to date Inte...
Hi there. RB2011 here. Everything was wine for years until last month. Look at this: http://i.imgur.com/chZPO5n.png To explain: - 192.168.10.1 is RB2011 IP - 192.168.10.113 is Windows 10 Pro Hyper-V Guest So 192.168.10.113 is spamming router to the point, where CPU is on 100% (or vice versa?)constan...
Right now I'm using: Hash Algorithm SHA1 and Encryption Algorithm AES-256. Today I'll try MD5 and AES-128. Wonder if I see any noticeable difference. What algorithms do you use? BTW, Wiki says about a better way of bypassing ipsec policies - RAW firewall tables instead of normal filter rules - not a...
Hi I made site to site IPSec connection 2xRB2011. From Mikrotik Wiki: If you have fasttrack enabled, packet bypasses ipsec policies. So we need to add accept rule before fasttrack /ip firewall filter add chain=forward action=accept place-before=1 src-address=10.1.101.0/24 dst-address=10.1.202.0/24 c...
Hi So there is IPSec between two RB2011 - both sites have dynamic IP. Both routers acts as pppoe-clients (modems on both sites are in Bridge modes). Everything was done as described here: http://blog.pessoft.com/2016/05/29/mikrotik-ipsec-tunnel-with-ddns-and-nat/ ====================================...
hi RB2011 here. i have 4 RB2011 - in all of them I'm using protection rules, read below: # nov/30/2016 15:17:24 by RouterOS 6.37.1 # software id = 5N19-V7VV # /ip firewall address-list add address=0.0.0.0/8 comment="Self-Identification [RFC 3330]" list=bogons add address=10.0.0.0/8 comment...
Hello there We are opening second office and I have a task to make a stable, secured connections between them. Both offices have 80/8mbit vdsl2 connections. Now, what would you advise for a VPN: L2TP/IPSec or SSTP? We have people working remotely using SSTP and Certs and it's work great. But which o...
Can't you set up another virtual AP just for the TV decoders? This would be the easiest thing to do, but not here. wlan2 and wlan 3 (virtual aps) are here for Repeater purposes. There are two other devices (TP-LINKS) connecting to wlan2 and wlan3. If I would create wlan4 - signal would be too weak ...
RB2011. Now I have 1 WLAN and 2 Virtual AP - so 3 networks. All WLANS have their own bridge, different subnets, different DHCP and so on. WLAN1 192.168.10.0/24 WLAN2 192.168.20.0/24 WLAN3 192.168.30.0/24 Now, our TV decoders require to be connected to the network with same subnet (let's say It'll be...
RB2011 on 6.36 wifi clients gets randomly disconnected - all of them with log: mac address@wlan1 or wlan2 or wlan3: disconnected, received deauth: unspecified (1). After couple of seconds they get connected to the AP again. Nothing like this happened in previous versions.
This one works fine here: (from polish trzepak.pl forum where I made the same thread) /ip firewall mangle add chain=forward action=mark-packet new-packet-mark=all_download in-interface=ether1 passthrough=no /ip firewall mangle add chain=forward action=mark-packet new-packet-mark=all_upload out-inter...
Hi so I created few rules to be able to do simple PCQ equal bandwidth shaping. Modem (bridge mode) connected to --> ether1 on RB2011 (PPPoE) --> wlan + 2x Virtual Ap's My code is: /ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=all passthrough=no /queue type add name=&quo...
This one works: BEFORE you run it, set manually SentUpFlag and SetDownFlag to FALSE. #Set variables :global InternetStatus; :global SentUpFlag; :global SentDownFlag; #Match condition :if (($InternetStatus = "UP") && ($SentUpFlag = "FALSE")) do={ :set SentUpFlag "TRUE...
Thank you jarda for your suggestions. I made this script (do not laugh, It's first time I wrote it from A-Z): #Set variables :global InternetStatus; :global SentUpFlag; :global SentDownFlag; #Match condition :if (($InternetStatus = "UP") && ($SentUpFlag = "FALSE")) do={ /...
yeah blackhole was the thing I needed. Works now. Ip route export: /ip route add comment="ISP1 MONITORING FOR 8.8.4.4" distance=1 \ dst-address=8.8.4.4/32 gateway=pppoe-out1 add comment="ISP1 BLACKHOLE FOR 8.8.4.4" distance=2 dst-address=\ 8.8.4.4/32 type=blackhole add comment=&q...
Ok so after I read tons of posts here, there is one nice workaround posted by "aacable" user - but still don't know if I'm doing it properly. You can simply create a route for target host, for example if you are monitoring 8.8.8.8 , then create a route for 8.8.8.8 that should always goes v...
Hi In our office, we have now USB LTE dongle (Huawei E3372h-153 LTE - HiLink) which works great with RB2011UiAS-2HnD-IN. So: RB2011 is connected via ETHER1 to VDSL2 modem which is in bridge mode. RB2011 act as PPPOE Client. Now, I configured LTE modem as usual. So, I added DHCP Client and did NAT on...
Hi there So I bought a RapidSSL wildcart SSL cert for company I work for. So I got two files: 1) Actual Wildcart cert for my domain 2) Intermediate cert I often use webfig on https://vpn.domain.com:port It works fine with self-signed cert but not with RapidSSL wildcart SSL cert. I've imported Interm...
EDIT: Bam, found cable to 2011 so it is connected now to 951 (sorry but new building and not my initial setup). Still I can't understand how can 951 act as wireless extender for 3 WiFi networks that broadcast 2011. To clarify. 2011 is main router. On ether1 there is Internet, ether 5 is connected to...
Yeah, I want to avoid situation, where PC7, 8, 9, 10 would still connect to RB2011 despite the fact they can get better signal from RB951 - because Wifi names are the same. Found a topic with similar problem here: http://forum.mikrotik.com/viewtopic.php?t=81128#p406287 My setup seems to work as far ...
http://i.imgur.com/MKtvzUN.jpg RB2011 is main router serving 3 wifi (AP + 2 Virtual APs) networks with different subnets. In theory RB951 configured as bridge and as a repeater of those 3 wifi networks - so WiFi network names are the same. PC7, PC8, PC9, PC10 are far away from RB2011 but still in r...
This one is connected with this thread: http://forum.mikrotik.com/viewtopic.php?f=2&t=107244 So I have this restaurant PC (10.10.10.3)that I need to block access to it from other PCs in this very same subnet (10.10.10.0/24). So: block access to 10.10.10.3 from 10.10.10.4-10.10.10.254 My Firewall...
Here's the problem. Ether 1 - 192.168.1.0/24, has it's own DHCP network etc. (office network) Ether 6 - 10.10.10.0/24, has it's own DHCP network etc. (restaurant network) Communication between subnet is blocked with one firewall rule. There is one PC (10.10.10.3) in restaurant (Ether 6 subnet), that...
Hi there. My gear: 2011UiAS-2HnD - 6.34.4 On my network I have one IP (192.168.1.251) that I'd like to exclude from FastTrack to do simple queues on that IP. I enabled FastTrack with these two commands: /ip firewall filter add chain=forward action=fasttrack-connection connection-state=established,re...
Hello I set up L2TP/IPsec server on my RB2011 - around 6-10 users are constantly connected to it and work from home. I'd like to give this VPN highest priority because from 06:00 to 16:00 there are few programs that are eating up connection a lot, that affects stability and comfort of VPN connection...
DynDNS update script not working after update to 6.30 # Set needed variables :local username "XXXXXX" :local password "XXXXXX" :local hostname "XXXXXX.dyndns.org" :global dyndnsForce "" :global previousIP "$previousIP" # print some debug info :log in...
Hi So I have been using this code for over a year without a problem: # Set needed variables :local username "XXXXXX" :local password "XXXXXX" :local hostname "XXXXXX.dyndns.org" :global dyndnsForce "" :global previousIP "$previousIP" # print some deb...
It's not the problem for me to set up TP-LINK as access point. I just want Mikrotik to give out IPs and separate restaurant clients from office employees - that's all actually. I wanted to do that with VLAN. So it's even doable?
Router: 2011UiAS-2HnD I have one DHCP server serving 192.168.1.1-192.168.1.252. "Internet" is on eth1. Router acts as PPPoE Client to VDSL2 modem. There is also TP-LINK 1043ND - it gets it's IP from 2011UiAS-2HnD. It's mainly for serving WiFi for restaurant clients and TP-LINK has it's own...
Hello there. So I have: 1) RB2011UiAS-2HnD-IN - acting as PPPoE dialer on LAN 1, DHCP, DNS on LAN 2 (well, whole network is on LAN 2) - 192.168.1.253, SUBNET: 192.168.1.0 2) TP-link WR1043ND with latest DD-WRT set up in Gateway mode - it's WAN is connected to MIKROTIK LAN 2 (through few switches) so...
Hi there. Since I upgraded my RB2011s to 6.19 I can see in my log: UpdateDynDNS: username = xxxxxx UpdateDynDNS: hostname = xxxxxxxxxxxxxxxxxxxxxxxxx UpdateDynDNS: previousIP = xx.xx.xx.xx fetch: file "dyndns.checkip.html" downloaded UpdateDynDNS: currentIP = xx.xx.xx.xx UpdateDynDNS: No d...
EDIT: PROBLEM IS SOLVED I reinstalled Eset Smart Security. Everything is working normal now. I swear to God, I was trying to access the website dozen time from my laptop, wife laptop, smartphone etc - no luck. Meh - thank you for tips dear friend. ============================= In attachment you can...
Hello So after I bought first RB2011 - I bought another one and another one ;-) First RB2011 is in my home - reachable from outside via "https://a.dyndns.org:port" Second RB2011 is @ 1st work - reachable from home via "https://b.dyndns.org:port" Third RB2011 is @ 2nd work - NOT r...
Dear Users - this is my problem. We are using Crashplan backup service to backup all our data. Now, their app is using almost all the upload bandwidth. That was the problem at the beginning, because first we've done backup of all our files ~ 70GB. Now, we backup continuously every file in real time,...
Apparently this issue has been fixed in 6.13. From yesterday, all clients (6 clients using L2TP/IPSec) were connected. Today cache size is 56 now. Normally it would be something between 2k-4k.
ethernet, firewall, networking. These three are spiking causing heavy load. Don't know if there is anything I can do to prevent such high load (example now: 1 client connected, downloading at 3.6 MB/s ~ 30 Mbit/s) - CPU usage as shown on vid.
Hello RB2011UiAS-2HnD-IN with 3.14 / 6.12 working as PPPoE client to VDSL2 line (30 Mbit/s down) 10 clients connected via DHCP all doing almost nothing (in terms of bandwidth usage). 1 client downloading at 3,5 MB/s. Is this CPU usage normal? Spikes from 5% to almost 70% every now and then? Watch th...
:local act [/ip route cache get cache-size] :local max [/ip route cache get max-cache-size] # print some debug info :log info ("Actual route cache size: $act") :log info ("Max. route cache size: $max") :log info ("If active route cache size: $act>=14336 reboot required"...
Same problem here using RB2011UAS-2HnD and latest firmware / software. Happened few times already (I have this router for 3 weeks), always while L2TP/IPSec clients connected (last time crash - 5 clients connected). I can't ping it, I can't login into it (ssh, telnet, winbox, web). Only reboot fix th...
Hello there dear community So after days of configuring my RB2011UiAS-2HnD-IN, everything is set up. So: Modem (bridge mode) ---> Router (PPPoE), WLAN, DynDNS Today when I logged in into WinBox in Logs I spotted this: http://i.imgur.com/lyzzbml.jpg http://i.imgur.com/oRvXMBm.jpg I checked IPs, they ...