MikroTik

sleerf

I had a strange issue recently where the script I had that had previously been emailing a backup nightly quit deleting the file after emailing it and the memory filled up to the point where I couldn't even manually delete files. I discovered this about a week before an extended power outage ran the ...

sleerf

So what did you do actually? The option "Allow Dual Stack Queue" was unchecked in your case, you checked it and this solved the problem? Or the option was checked, you unchecked it and this was the solution? I just now saw this when I had to restore a backup from before when this was a pr...

sleerf

I'm surprised at the lack of interest here. I came looking for something specific and I'm going to check this out to see if it will work. Our CCR sits directly on a fiber connection and has a decent sized battery backup that can run the router, CSS, 4 APs and a P2P for at least 4 hours that we've se...

sleerf

For a moment I had hope. Then a saw there was no answer. This is just bizarre. Given the skill and design capabilities of this company you would think they could find a way to simply delete files without having to do a complete reset.

sleerf

Depending on amount of configuration done, backup of configuration can be as small as 35kB. But can be a few hundred kB as well. If you can't create configuration backup, you can run /export show-sensitive (the show-sensitive parameter is needed on ROS v7, it's default in v6) and copy-paste output ...

sleerf

Did anyone figure this out? Having the same problem. Showing about 400k available so not completely full but can't even delete a 130 byte file via command line or through Winbox. I'm stuck it seems unless I take the router offline and restore an older backup then try to remember all the changes I've...

sleerf

I have a small ISP with a very slim budget. We setup with a company a while back who provided firewall rules for us but I have a strong feeling that they're insufficient and that they're also inefficient. I've managed to save a couple hundred bucks which is all I can really spare given the barely pr...

sleerf

Well, I solved my mystery on total accident..... I clicked "Allow Dual Stack Queue" and toggled it off and saved it. I was on the phone and wasn't paying attention. I turned it back on as it had been and saved it again......And now it has stopped....No clue why.

sleerf

What is "static port" in this story ? A port with a static (locally defined) IP address, or something else? A DHCP lease made static ? What I experienced .... The DHCP lease will fail when you assign a predefined ("made static") IP address to a DHCP client that already has the S...

sleerf

I've been preparing to move 150 households over to PCQ queues on our ccr 1009-7g-1c-1s+ , researching the heck out of it and I'm just about to pull the trigger. As I was combing through posts thinking... "got it, got it, got it" suddenly it became "don't got it".... I have a gig ...

sleerf

I've been looking at PCQ and reading about CAKE but the terms used in the help files for CAKE are all foreign to me. Is CAKE capable of breaking customers up into multiple bandwidths? We have about 150 houses on a gig dedicated fiber and a ccr 1009-7g-1c-1s+ with ultra-low latency and that's kept me...

sleerf

I'm not sure how I would test with a device. The DHCP and static port both cable into the CSS. The CSS cables to several APs and a P2P that combined distribute internet to the entire town. The problem is that the router is continually trying to give a DHCP address to the mac of the port carrying the...

sleerf

I'm sorry if I wasn't more specific. This isn't using pseudobridge. Ubiquiti (UBNT) uses a proprietary TDMA protocol called Airmax which creates a transparent L2 bridge between the router & switch in the cabinet and the customer's routers. Each DHCP customer router's WAN mac is handed an IP from...

sleerf

So... Anyone care to offer some guidance since there are so many possible issues? It doesn't seem to be much more than an annoyance. Many of the possiblities I see above don't apply to my situation but honestly - some of them are over my head...... But that's how we learn, right? lol We have a CCR 1...

sleerf

The manual has some recommended firewall settings for an ISP and I'm curious about a couple. add action=drop chain=forward comment="Drop tries to reach not public addresses from LAN" dst-address-list=not_in_internet in-interface=bridge1 log=yes log-prefix=!public_from_LAN out-interface=!br...

sleerf

What I'm suggesting is a "changelog" where a running log of changes can be kept over the long term. As it is, the log runs out after a couple weeks and the data in it I like to see when there is a problem. But to scroll through 10,000 lines of code to see what changes have been made over t...

sleerf

I'm sorry. I totally lost track of this. Haven't had much time for wishing and daydreaming. lol I read my post and I did a terrible job explaining what I want. So let me try again.... We have webfig off for security reasons. No need to have it up there with a public static IP and hackers hammering a...

sleerf

I have a very small ISP which is barely making any money so I don't have much cash to work with. I signed up with a billing system provider a little over a year ago and part of signing up with them was that they offered to build in top of the line firewall rules along with secure remote access. Sinc...

sleerf

Don't mean to hijack the thread but it seems to make sense to keep discussion regarding a specific issue in one place rather than multiple threads..... I have the same issue, but only with some devices. I have two Fujitsu laptops and a Fujitsu tablet, as well as a galaxy note 9 which all connect to ...

sleerf

Thank you! I was stumped on this a year ago and gave up!

sleerf

If I connect remotely via L2TP, I can turn this off, right?

sleerf

A /ppp profile sets various parameters used by PPP-like (PPP, PPPoE, PPTP, L2TP, SSTP, OVPN) clients and servers, but not passwords. Local servers use the passwords specified under /ppp secret , or RADIUS, to authenticate remote clients. See https://wiki.mikrotik.com/wiki/Manual:PPP_AAA Local clien...

sleerf

It would help if you could be a little more specific about the errors you get, especially since you say that it works, but yet it apparently doesn't.

With that said, I had a lot of trouble with Win10's firewall and default VPN adapter configuration.

sleerf

I know this may seem like a very basic question but my engineer is out and this makes me nervous. We have two default profiles in PPP = default and default encrypted. I do understand that these are used as templates. But they have public IPs on them and I see no place to create a password. Is this r...

sleerf

My apologies if this has been covered previously. I searched and there are literally thousands of threads regarding VPN but not what I want to accomplish. We only access our mikrotik routers using winbox through a VPN. We also manage a lot of equipment on our Networks through VPN. Some browsers like...

sleerf

https://wiki.mikrotik.com/wiki/Manual:System/Note

sleerf

I know this is a very old thread. Just curious how I would modify this to allow the traffic to proceed to a specific domain where payment can be made?

Basically I want the user to be pushed to www.ididntpaymybillnotice.com where they can then click a link and be redirected to www.paymybill.com

sleerf

Wow. I never said anything about dumbing down the system. Only adding some capabilities that generate more market share which increases profits and produces that outcome you desire. I use mikrotik routers professionally as well. I'm proficient with both the gui andbthe command line although I don't ...

sleerf

The argument against this is similar to the argument that the gui isn't needed at all because there's a command line. The argument against this, is that it will produce anecdotal time and money savings. Anecdotal? How can you pretend to know the benefits, or lack thereof, without fine details regar...

sleerf

I don't disagree with a lot of the points made about each user's needs being unique. What I'm backing the OP on is the concept of a wizard for basic firewall rules to save time and resources which saves money. The argument against this is similar to the argument that the gui isn't needed at all beca...

sleerf

This activates the firewall but does nothing to rules. The way I see what the OP is suggesting is a basic dialog box for basic rule configuration. Basically, you setup the router as you want it. Click the firewall "wizard" and you get a bunch of options for basically creating and customizi...

sleerf

I not only agree but would like to see a customer side portal for customers. It's not like there are dozens of companies already doing this.

sleerf

Curious if this worked for anyone. Running latest version 2.11 and still have the issue remoting in.

sleerf

He does have a valid point. I had the same question once. I suspect it gets asked by anyone who's assigned a static by mistake and wanted it back to dynamic. The solution - deleting the lease - doesn't feel very natural - especially the first time you do it. A button that simply carried out the comm...

sleerf

Our UBNT devices have a backup IP capability. I don't want to use the primary pool for this. They all plug into the same switch (SWOS) and into a port with a bridge. I also have two static IP ranges I need to add as well. Each time I try I can't add additional ranges to the same bridge. Am I doing s...

sleerf

I would be thrilled if there was just a general notepad for admins to make notes of changes made.

sleerf

I just setup router OS on Amazon Cloud yesterday and the version is 6.44.5 But I nearly thought the same thing you did and installed 6.36. Just before installing I noticed that they were out of order on the dates and when I looked more carefully I discovered that 6.44.5 was there. Hope that helps yo...

sleerf

UPDATE: OK. This is silly. I was able to print the entire list with number for rules with just one command: print :-) I was greeted with the entire rules list with numbers. This one turned out to be number 34! Why? No clue. I counted and recounted and it should have been 31. And no 34 came up in the...

sleerf

Can't sort this out. Constantly ....every 4 seconds... "dhcp, warning DHCP offering lease 192.168.88.28 for B8:69:F4:XX:XX:XX without success." We have a mikrotik 24 port CSS on the other end of a wireless connection serving about 20 customers in a building. I suspect the MAC identified is...

sleerf

I"m at my witts end. I have a CCR 1009 8G 1S 1S+ and it worked fine over a previous connection. That building was foreclosed on and we moved our pop. Our new pop we could only get spectrum fiber in and have a /28 along with internal IPs. The setup was static IPs on one port, and internal DHCP o...

sleerf

Weird issue. 3011 passes static external and internal ips just fine using two ports plugged into the same switch. But a CCR I can't get it to do it. I thought the CCR was bad. Bought a new one (ccr 1009). It won't do it either. Any ideas?

sleerf

this doesn't work for me at all. I entered the WAN interface as the static IP of the router itself and the LAN as the internal IP my machine has connected to the router. ie | /ip firewall nat add action=dst-nat chain=dstnat comment=PLEX in-interface=71.XX.XX.XX dst-port=32400 protocol=tcp to-address...

sleerf

I kind of hoped that you have it all figured out and you only missed the part how to match against MAC address instead of IP address. ;) In other words, that you'd only exchange src-address=1.2.3.4 for src-mac-address=01:02:03:04:05:06 in your solution. But your request as whole is not exactly easy...

sleerf

There's src-mac-address matcher, so you can use that on directly connected router.

Thanks. Would you mind being a little more specific? I'm not sure exactly what you're referring to.

sleerf

We're in the middle of moving to splynx which will be configured to handle non-payments and such. I have one customer I need to do something about quickly. All I want to do is redirect them via mac address to a paypal checkout page without them being able to get anywhere else. I want to block all ot...

sleerf

Planning to make some changes remotely and I need to know if this "bug" is still a problem or if safe mode working remotely in winbox 6.44.1 in win10 with a CCR 1009 8G 1S 1S+ is truly "safe". One thing I noticed is that by default "Autosave on Close" is checked and I'm...

sleerf

I have a similar issue. We have a /28 fiber connection connected to the SFP+ port. The building we're sending to has about 30 customers and 4 need PUBLIC static IP addresses that they can reach from remote locations outside the network. Everyone else is being handed DHCP address over ethernet. The w...

sleerf

This is making me crazy. half the commands here don't even function in the Command line for some reason. either they have changed in the last year or ----hellifikknow. can this not be done through winbox?

sleerf

Hello, friends! I trying to use only NAT port 32400 forwarding add action=dst-nat chain=dstnat dst-port=32400 in-interface=pppoe \ protocol=tcp to-addresses=192.168.10.10 to-ports=32400 and web access to plex is working, but access to plex via smart tv app didn't work. Then i try add this rule to f...

sleerf

which of these pins do i jump to do a hard reset?

https://photos.app.goo.gl/BoGPLEKNU3W3FSnY9

sleerf

I can't figure this out. Sometimes it's an hour, sometimes, 8, but at some point The thing just loses it's external IP info and drops off the grid. I look in the quick settings and the IP is 0.0.0.0. I enter the static IP and it's back on again. Runs fine for a while then just drops. connect manuall...

sleerf

I know this is a 3 yr old thread but I still don't understand one thing. I've looked at various charts that mention MCS7 and MCSO on the cAP lte. But it doesn't show a throughput. The details in the listing show a max data rate of 300M but the details below state 54M at 18dbm and then no data rates ...

sleerf

I'm stumped. I plugin with my laptop, all works well with the internet over airfiber. I assign the same settings in my ccr or my rb2011 and I get the same result. Intermittent complete loss of connectivity. 2-3 minutes off, then it comes back up for 5-10 minutes. I'm stumped. Since I have conectivit...

sleerf

I've been all over the boards and of course likely overlooking something. The mikrotik wiki states that the way to do this is to implement the calea functions on the router and point them to the CALEA SERVER. Then there are some settings mentioned for CALEA SERVER. What I can't find is a download fo...

sleerf

i think what keeps being overlooked here is that unlike MPLS or an ELAN solution, SD-WAN has packets traversing two separate independent networks. At least it should be. It kind of defeats the purpose to carry it over an internet T1 and DSL if they both go back to the same switch and network. Assumi...

sleerf

awesome. thanks for the tip. I'm looking at some software defined options for this right now. Seems like my only option to do this.

sleerf

I agree with you. However I doubt you will see it anytime soon. I use OSPF with BFD on each tunnel and it switches very fast. But your right that its not balancing loads etc. That particular client uses a static IP from my POP that floats between the tunnels. They have an onsite PBX and it allows t...

sleerf

Right. SD WAN is going to be asked for and needed more and more. That was my point. Like you said, you already have three tunnels. But from what I could get from your explanation, they are tiered as basically failover. If one drops, the next picks up. But imagine having your three automatically rout...

sleerf

A true WAN isn't really "software designed". When you have multiple buildings, you could use ethernet if all the buildings are within about 300 ft. Then you have a WAN. Internet need not be part of it at all. If you go wider you could use dedicated leased fiber or dark fiber. It's physical...

sleerf

A VPN only functions over a single connection. SD WAN is more robust. You can utilize multiple connections for instance and create a secure tunnel that sends packets over whichever has the least congestion at the moment. So for instance, you're a bank and your traffic to the banking server over a VP...

sleerf

Getting lots of requests for this from customers.

sleerf

Who is the WAN solution provider and what is the WAN solution? Most true WAN solutions like MPLS honor QOS tags. If you are using plain internet with VPN, that's not really a true WAN service. If you have a company like Time Warner handing you a layer 2 connection or point to point, then your QOS ta...

Search found 62 matches