MikroTik

Peque

Hi Mikrotik FOrum I have an issue that I would like your best bid on the little problem I Have an DMZ zone that are only on 1 port - and the port is connected to A single NIC - that i have on my VMware server - the subnet is a /27 In this Setup here - is there any how possible to create a rule that ...

Peque

Hi Forum I have an question regarding having 3 different public's IP - with different portforward pr ip I should have port 80/443 open on each public IP towards 3 differnet subnets. + the ISP have added 2 Extra IP's But the normal portforward from before adding the extra IP's are still working - But...

Peque

Hi Forum. I want to expand my Mikrotik Setup with more security - and thinking about IDS / IPS Which one should I use or perhaps Both ? BUT as far as I can see is the IPS solution required to be implemented between Internet Providers Modem and my Mikrotik. ( Is this required 2 netcards? ) My Setup i...

Peque

Hi Forum. I've created on my Mikrotik an OpenVPN tunnel How can I the easiest way block all access from VPN session - unless its to this IP 192.168.10.10 Is this easiest through Filter Rules or firewall rules ? and which is the right waty to do this. All access - al ports is OK towards 192.168.10.10...

Peque

Hi Forum. I have my mikrotik - which I'll like to get working as VPN server for several clients. Round the world we have several networks behind a Westermo Layer3 Switch Lynx model - Those Westermo should be the initializing part in the VPN They don't have internet the whole time - therefor they sho...

Peque

Hey Forum. I have some questions regarding VPN setup I have a Mikrotik CC1009 which act as VPN server for OpenVPN. This setup is made after this guide: https://rbgeek.wordpress.com/2014/09/10/openvpn-server-setup-on-mikrotik-routeros/ Which works perfect with Road warrior clients. BUT I havew some P...

Peque

Hi Forum. I have a CCR-1009 which I want to use as VPN server for OpenVPN. I've used this guide for setup https://rbgeek.wordpress.com/2014/09/10/openvpn-server-setup-on-mikrotik-routeros/ - which is actually working. BUT I have 6 persons who needs this VPN. but having some troubles regarding intern...

Peque

Hi Guys. After pressing the download and install the latest software on my CCR1009 it crashed totally. As I can see I cannot get in touch with it at all anymore. I can connect through Serial Port ( Cannot reset it with reset button (Not Working :-( ) I'm getting this message RouterBOOT booter 3.33 C...

Peque

Hey Forum. After beeing hosted by a Citrix for a while - we going back to in house hosting., I have a Mikrotik Router but having a problem with a static DNS I must resolve this name : SIL-INS-SERV01 The full name is SIL-INS-SERV01.INSATECH.local - How do I add this as a static entry - since my new n...

Peque

Hi Forum. I've got A mikrotik CCR1009 - which is setup as Router in the Company. I'm a little in doubt here why this little problem come from and whats the Carse My Public IP is 78.111.168.194/28 ISP Gateway 78.111.168.193 --> Network 78.111.168.192 --------------------------------------------------...

Peque

Welll - using traceroute from tool gives a empty answer - ,But am online on the router from outsite - the only thing is the network is really slow on this line. And my guess is regarding this DNS problem. But haven't seen that message before regarding this issue: > ping google.com invalid value for ...

Peque

Hi Guys. Thanks for a quick Reply In my routes I have these: # DST-ADDRESS PREF-SRC GATEWAY DISTANCE 0 ADS 0.0.0.0/0 188.178.222.21 0 1 ADC 188.178.222.20/30 188.178.222.22 WAN 0 2 A S 192.168.201.0/24 192.168.202.1 WAN 1 3 ADC 192.168.202.0/24 192.168.202.1 LAN-bridge 0 Which Should be the right se...

Peque

Hi Guys. I have a Mikrotik Hex - which I'm using at a little shop. Unfortunably there's a error somewhere I cannot find where it is. When trying to ping directly for Mikrotik Winbox Terminal - I'm getting this: > ping google.com invalid value for argument address: invalid value of mac-address, mac a...

Peque

i Forum I've just got a new Line from ISP with a /29 IP Range I can only get traffic through on my main IP 5.103.38.98 - -> not on X.99 X.100 etc The ISP says that the arp-request beeing rejected - How do I fix this so I can use alle IP addresses and forward the designated traffic to this different ...

Peque

My Mistake regarding 192.168.203.0/24

And yes all src NAt are created

Peque

Heres My Settings: Headquarter Router Filter: > ip firewall filter print Flags: X - disabled, I - invalid, D - dynamic 0 ;;; Allow FRB access to LAN chain=forward action=accept src-address=192.168.202.0/24 dst-address=192.168.201.0/24 log=no log-prefix="" NAT: > ip firewall n...

Peque

My Peers are created like this: ip ipsec peer print Flags: X - disabled, D - dynamic 0 address=93.161.X.X/32 local-address=:: passive=no port=500 auth-method=pre-shared-key secret="*******" generate-policy=no policy-template-group=default exchange-mode=main send-initial...

Peque

I know my subnets are overlapping. I've allso tried with the same none overlapping networks. The single subnet arent overlapping : HQ : 192.168.201.0/24 BO1 192.168.202.0/24 BO2 192.168.203.0/24 I've tried both using 192.168.200.0/21 as the main subnet - but allso only with the /24 network HQ: ...

Peque

Hi Forum I've setting up a system - and can not get the rules for accessing the different network Headquarter: 192.168.201.0/24 BO1: 192.168.202.0/24 BO2: 192.168.203.0/24 Actually I'm getting the VPN up and running with the IPSEC - following this guide Ipsec Guide And the VPN are created and tal...

Peque

Hi Forum I've setting up a system - and can not get the rules for accessing the different network Headquarter: 192.168.201.0/24 BO1: 192.168.202.0/24 BO2: 192.168.203.0/24 Actually I'm getting the VPN up and running with the IPSEC - following this guide Ipsec Guide And the VPN are created and tal...

Peque

So far so Good. I've now got the installed SA up and running allso - but still no way to ping from One Lan to Another LAN Was using this guide: http://gregsowell.com/?p=787&cpage=1 Rules on Router 1: 192.168.201.0/24 Filter Rules: 0 D ;;; special dummy rule to show fasttrack counters ch...

Peque

Sorry for a late answer - had a emergency travel to England ! Under IP-sec - Installed SA - No SA installed here. So that Could be the problem - How to fix this ? How do I install these SA since they are not shown Deleted the Dst rules - and only created the FIlter Rule - On HQ 1 chain=forward...

Peque

Hey Forum Building my first system with Mikrotik Routers - and trying to get the foillowing up and running. HQ - 192.168.201.0/24 - Public IP 78.111.168.100 BO - 192.168.202.0/24 - Public IP 78.111.168.210 network.png ---------------------------------------------------------------------------------...

Peque

Hey Forum I have to make a litle question in here on howto make the best solution using Mikrotik ROuters. In the HQ I've got a Mikrotik CCR0109-8G-1S-1S+PC on 3 location Branch office I have Mikrotik HeX Tegning5.pdf The HQ Router should be the Preffered Master Hos - where all Offices are connected...

Peque

tried allso with a Normal OpenVPN gui but only getting this : Tue Jul 12 10:02:28 2016 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Tue Jul 12 10:02:28 2016 Socket Buffers: R=[65536->65536] S=[64512->64512] Tue Jul 12 10:...

Peque

OK - Then I give that a try. I've now followed this guide from the wiki: OpenVPN Created the certificate with easy-rsa imported ca,crt,router.crt og router.pem into the Miklrotik and created the OVPN server as described here: Created the VPN pool: /ip pool add name=ovpn-pool ranges=192.168.60.1...

Peque

Hey Forum. I would like to get at VPN client able to connect to the Mikroitik Router. I'm using securepoint SSL as VPN klient on the laptop. What I would like is: Getting a VPN that accesses the LAN network behind the Mikrotik. I've followed this guide: Create Certificate for creating Mikrot...

Peque

OK Thanks for the Reply

So there's no way to make this work properly unless you'll have 2 public IP's .
I was hoping the Firewall was able to filter incomming traffic depending oin the DNS name instead of the IP!

Peque

Hello Forum. I've just getting my Internet connection upgraded, but unfortunably there is only 1 public IP available. Therefor I would like to hear if its possible to filtering the incomming traffic using a Domain name insted of a destination IP. I've got some servers at home and would like to filte...

Peque

Well - Given up now - Cannot make it boot from this tftp Server.

Peque

Should it be set for all files ?
Since there are many files - so is there any way to defina all at one

Peque

Hi Forum. I have a little problem that I cannot google my self out of. I've created a dir on my Mikrotik called /tftp Inside I've download a Debian Install pxe But when trying to boot - I'm getting this Then Its writing something about a missing file I cannot read! Its a failed to load a file - But ...

Peque

Hi Forum. I've have a little problem which I cannot solve by my self. I've created my own firewall based on a mikrotik CCr1009. I have created the following networks LAN -> 172.16.100.0/23 DMZ -> 192.168.100.0/24 What I'm trying to is Accessing the servers in DMZ using FQDN. --> test.example.com If ...

Peque

I've found out - that the network ID not MAC adresse - should be correct - you cannot give a new name to that identifier.

# mar/27/2016 10:38:38 by RouterOS 6.34.3
# software id = MU8X-YJR2
#

Peque

Hi Forum I've got a CCR1009-8G-1S-1S+PS running, but having a strange experience. I've created 2 DCHP Pools - (LAN/DMZ) but experience the problem - at my "hosts" are not taking the reserved IP address in the LAN pool. I've created 20 host where only 8 are getting the rigth IP - as created...

Peque

Thanks for the link Allthough I'm still having some troubles. I can now ping from 192.168.88.0/24 through 192.168.2.0/24 to Lynx internal network Can access a webpage etc - but cannot access remote desktop (RDP) Internal connection error (works fine from lynx LAN) But cannot ping from Lynx network 1...

Peque

Hi forum I Playing around and trying to make a VPN tunnel From A Mikrotik HeX to a Westermo Lynx. I'm actually able to get the VPN connection successfully - but cannot send or ping through the VPN - so my guess is a missing Route or some firewall rules - and that where I'm needing your help. My setu...

Peque

I just made a quick network view. As Correct assumed - the Mobile Router Is natted behind a Celluar network - thats allso why the mobile router should be the initiating part The Network drawing is attached! The Meaning is getting the Mikrotik as the VPN server - And getting LAN-to-LAN access. As far...

Peque

Tegning1.pdf Hello. I'm trying to setup an Mikrotik CCr1009 as VPN server. The main problem here is the clients which should connect to Mikrotik - is som mobile Routers ( NATted IP) Which and how would be the best way to make this Happens The Mikrotik Is on a static IP - and should be a VPN-server ...

Peque

Hi Forum Just playing around with the new Mikrotik HEX Router. Trying to establish a OpenVPN connection to this following the guide from here http://wiki.mikrotik.com/wiki/OpenVPN Selfcreated Certificates from easy-rsa Uploaded the Certificate to Router and to Client - And when trying to establish a...

Peque

Thanks Zerobyte. That explained it for me, allthough I managed to block With dropping all new connections from Sourceaddress 172.16.10.0/24 to Out interface LAN. Allthough I should have any rules accessing thay should be placed before this rules. But your example did the explaination fine - Thanks

Peque

Hello. I've have my little network like this setup on a CCR1009-8G-1S-1S+ LAN 172.16.0.0/24 - bridged on ether1,2,3,4 + SPF+ DMZ 172.16.10.0/24 - created on Ether7 WAN static IP - created on Ether8. I would like to allow traffic from LAN to DMZ but noit from DMZ to LAN. As it is now without any rule...

Peque

I've done that now - and just to be sure for now. Ive created 5 bridge-vlanXX and attached the interfaces sfp+ & ether2-7 on each bridge. Afterwards I've created DHCP server for each VLAN and attached the DHCP on the bridged VLANS But when connecting a RJ45 Cable to one of these ports with a nor...

Peque

Well thanks for the answer. When I'm trying to attach the DHCP server to the interface - it can not be connected to it self - so not sure how to do that Correctly. I can make it work on DMZ interface ( But this is only 1 port/Interface ) But would really have using the sfp+ for 10GB connection betwe...

Peque

Hi forum. I'm trying to make this mikriotiuk Router to our new network. But needing 5 VLAN for making it all work - and have tried to follow some guide . Men now I'm stuck and hoping you can help me further. I've bought the CCR1009-8G-1s-1s+ ether1 is the WAN access and ether8 is my DMZ zone The res...

Search found 45 matches