|
falz posted:You have to have two radios in a router if you want to have it be an AP and also bridge back to another. Or the power line adapters instead. Thanks.
|
#
?
Jun 26, 2015 03:31
|
|
|
|
| # ? Jun 5, 2024 06:50 |
|
|
PUBLIC TOILET posted:Or the power line adapters instead. Thanks. If this doesn't work out and you have coax in the walls don't forget MoCA adapters. The TiVo store is the cheapest place I've seen a pair.
|
|
#
?
Jun 26, 2015 14:29
|
|
|
I know I've done this before but I can't figure out what I'm doing wrong. I've got a Mikrotik Groove-a here I bought for my brother to use as an additional outdoor access point to put in his network. He's using an off-the-shelf router to connect to the internet. I want clients to be able to connect to the Groove and get a DHCP address from the router and connect to the internet, but I can't get the Groove to function being set up as a simple access point, ie no routing no NAT on the Groove. Let's assume his internal network is 192.168.0.0/24.
|
|
#
?
Jul 1, 2015 17:56
|
|
|
Gorson posted:I know I've done this before but I can't figure out what I'm doing wrong. I've got a Mikrotik Groove-a here I bought for my brother to use as an additional outdoor access point to put in his network. He's using an off-the-shelf router to connect to the internet. I want clients to be able to connect to the Groove and get a DHCP address from the router and connect to the internet, but I can't get the Groove to function being set up as a simple access point, ie no routing no NAT on the Groove. Let's assume his internal network is 192.168.0.0/24. latvia.com is down so I can't grab examples right now, but have you looked into the quickset options? It's the top button in winbox and I'm not sure where in the web interface. Home AP sounds about right for what you are describing.
|
|
#
?
Jul 1, 2015 18:47
|
|
|
Looks like they're finally putting it a tiny bit of better patch management besides "Download bestest version" 6.29.1 will have just bug fixes of 6.29, versus before all new content (including new bugs) plus previous bug fixes would have gone right to 6.30. Mikrotik: joining the 1990s.
|
|
#
?
Jul 1, 2015 19:03
|
|
|
jeeves posted:Looks like they're finally putting it a tiny bit of better patch management besides "Download bestest version" 6.29.1 is already out and I am running it LIVE A LITTLE MAN
|
|
#
?
Jul 1, 2015 21:31
|
|
|
thebigcow posted:latvia.com is down so I can't grab examples right now, but have you looked into the quickset options? It's the top button in winbox and I'm not sure where in the web interface. Home AP sounds about right for what you are describing. I got it working, but only through this process: 1. reset Groove 2. log in via Winbox 3. Set up security profile 4. Change WLAN to "AP Bridge" 5. Set up SSID, change security profile, channel, etc 6. Create a new bridge, add wlan and ether-1 on ports tab 7. Create DHCP client I did not change any IP addresses, and plugged it into the network here at work and am able to access the internet from a laptop. Is this a viable configuration? I'm not sure what I am doing wrong on the Quick Set for "Home AP". *edit* disabled DHCP client and set a static IP on ether-1, so now I can connect to the internet through it and configure it via a static local IP. Now it is working as I would like. Gorson fucked around with this message at 22:53 on Jul 1, 2015 |
|
#
?
Jul 1, 2015 22:44
|
|
|
I recently moved, and my old mikrotik gave up the ghost in the process - it will no longer power on. I'm considering getting a RB850Gx2, but I need wireless too. Any recommended APs to pair with it that won't break the bank?
|
|
#
?
Jul 2, 2015 01:59
|
|
|
Home AC stuff is supposedly scheduled for sometime this half of the year, I might suggest borrowing something or waiting to see how they pan out, alternatively the haplite is pretty decent as a hold over.
|
|
#
?
Jul 2, 2015 16:15
|
|
|
Apparently a bunch of CCRs crashed due to the leap second. Heh.
|
|
#
?
Jul 2, 2015 17:24
|
|
|
Atreus posted:Home AC stuff is supposedly scheduled for sometime this half of the year, I might suggest borrowing something or waiting to see how they pan out, alternatively the haplite is pretty decent as a hold over. Waiting isn't really doable - I need to VPN into home from outside, among other things, and the comcast cable modem/router combo is awful. Getting a hAP-lite to provide wireless alongside the RB850Gx2 may very well be what I do. (Curse you, Latvia and your ability to make me spend money.)
|
|
#
?
Jul 2, 2015 17:57
|
|
|
Kenlon posted:I recently moved, and my old mikrotik gave up the ghost in the process - it will no longer power on. Have you checked the power transformer? It seems to be the first thing recommended to check when a mikrotik router won't work.
|
|
#
?
Jul 2, 2015 18:00
|
|
|
What kind of throughput do you need? Is 2.4 GHz wireless fine or do you need 5? Do you need bigger than normal Ethernet frames? The RB2011-whatever might do everything you want for $100. Fancier than that and the costs start getting out of hand.
|
|
#
?
Jul 3, 2015 20:14
|
|
|
So I have an exported configuration (.rsc) from a MikroTik running version 5.26. I'm attempting to import it into a MikroTik running version 6.30. I've been using verbose mode while importing because the process is failing on multiple sections of the script. For instance, version 6.30 doesn't seem to understand the "l2mtu" variable or the "channel-width" variable. I'm guessing that I shouldn't waste my time trying to do this and should only stick to doing this between routers running the same version software (6.x to 6.x)? Would I be better off just upgrading all routers to 6.30 and doing an export from a working one then import on the one needing configuration? Or is there a way to import a 5.x configuration to a 6.x router?
|
|
#
?
Jul 9, 2015 05:03
|
|
|
Welp. I got the routers, set up the RB850Gx2 just fine, and then performed some classic sawing-the-limb-I'm-sitting on with the hAP lite. And the reset procedure (hold reset for five seconds when booting the device) doesn't seem to be restoring it to factory settings.
|
|
#
?
Jul 9, 2015 06:56
|
|
|
Kenlon posted:Welp. I got the routers, set up the RB850Gx2 just fine, and then performed some classic sawing-the-limb-I'm-sitting on with the hAP lite. And the reset procedure (hold reset for five seconds when booting the device) doesn't seem to be restoring it to factory settings. /system reset no-defaults=yes
|
|
#
?
Jul 9, 2015 15:43
|
|
|
PUBLIC TOILET posted:So I have an exported configuration (.rsc) from a MikroTik running version 5.26. I'm attempting to import it into a MikroTik running version 6.30. I've been using verbose mode while importing because the process is failing on multiple sections of the script. For instance, version 6.30 doesn't seem to understand the "l2mtu" variable or the "channel-width" variable. I'm guessing that I shouldn't waste my time trying to do this and should only stick to doing this between routers running the same version software (6.x to 6.x)? Would I be better off just upgrading all routers to 6.30 and doing an export from a working one then import on the one needing configuration? Or is there a way to import a 5.x configuration to a 6.x router? Its changed enough that I wouldn't try importing a 5.x config to 6.x. You could dump the old one to text for comparison.
|
|
#
?
Jul 9, 2015 19:26
|
|
|
jeeves posted:/system reset no-defaults=yes Doesn't work if you can't connect to it. Does winbox still see it if you connect on the same l2 network? Or is your problem also that you don't have a working login?
|
|
#
?
Jul 9, 2015 19:28
|
|
|
thebigcow posted:Doesn't work if you can't connect to it. Yeah, try doing a Winbox MAC address connect. It's the second best to a console port (if it works).
|
|
#
?
Jul 9, 2015 19:59
|
|
|
Look at this gigantic list of things and tremblequote:What's new in 6.30 (2015-Jul-08 09:07):
|
|
#
?
Jul 9, 2015 20:12
|
|
|
Yeah, I'll be waiting until a 6.30.1 before even touching that. Also, is RoMON still enabled by default? I haven't upgraded any of my devices past 6.27 due to that thing and people saying you have to go out of your way to disable it once upgrading.
|
|
#
?
Jul 9, 2015 20:40
|
|
|
thebigcow posted:Its changed enough that I wouldn't try importing a 5.x config to 6.x. You could dump the old one to text for comparison. Yeah I thought so. I didn't yet compare the configurations side-by-side but I believe you regardless. I suppose I might as well do it by hand and export a generic 6.x configuration for future use.
|
|
#
?
Jul 9, 2015 22:09
|
|
|
jeeves posted:Yeah, I'll be waiting until a 6.30.1 before even touching that. I don't remember if it was on by default, but its just a check box unless I'm missing something.
|
|
#
?
Jul 9, 2015 22:40
|
|
|
Looks like they released the CCR1072. Multiple cores, but doesn't seem like some of the services are properly multithreaded. ex. BGP
|
|
#
?
Jul 13, 2015 22:02
|
|
|
Atreus posted:Looks like they released the CCR1072. Multiple cores, but doesn't seem like some of the services are properly multithreaded. ex. BGP MOAR CORES *uses two* The bigger deal is that its all SFP+ except for a single gig Ethernet port for setup and it has redundant power supplies with fancy clip things to hold the cords. I don't know where it compares to it's competition at 3k but it seems at that price point dealing with Latvian QA isn't worth the savings.
|
|
#
?
Jul 13, 2015 22:39
|
|
|
jeeves posted:Yeah, try doing a Winbox MAC address connect. It's the second best to a console port (if it works). Which it doesn't. It's goddamn annoying - I know it's there, it's arping for 192.168.88.10 (the address it had before I sawed off the limb) but I cannot connect to it by any means, and trying to factory reset or NetInstall it has been useless.
|
|
#
?
Jul 14, 2015 07:43
|
|
|
thebigcow posted:MOAR CORES *uses two* Price/performance is awesome compared to some of the access devices that we use here, but that's apples to oranges. Can't compare Cisco/Ciena support to Latvia.
|
|
#
?
Jul 14, 2015 13:12
|
|
|
So I am just getting into Mikrotik stuff and it is quite powerful and awesome. The cheapo 20-25 bux hAP lite models are great for mom and pop situations and stable and fully featured. But I have need to create a wifi bridge between 2 houses seperated by around 500 ft. Both houses will have lots of computer equipment so the speed of the bridge is important. Can someone recommend a AC compatible set of antennas/aps suitable for a point to point bridge?
|
|
#
?
Jul 14, 2015 15:59
|
|
|
Are you wanting mikrotik? For a simple point to point it's hard to beat a pair of Ubiquiti Loco M5 units at about $40 a pop.redeyes posted:So I am just getting into Mikrotik stuff and it is quite powerful and awesome. The cheapo 20-25 bux hAP lite models are great for mom and pop situations and stable and fully featured. But I have need to create a wifi bridge between 2 houses seperated by around 500 ft. Both houses will have lots of computer equipment so the speed of the bridge is important. Can someone recommend a AC compatible set of antennas/aps suitable for a point to point bridge?
|
|
#
?
Jul 15, 2015 00:12
|
|
|
Loco M5 radios are all kinds of awesome. I've literally never had a problem with the pairs I've put up. They are as close to set-and-forget as you can be.
|
|
#
?
Jul 15, 2015 00:18
|
|
|
Thanks Ants posted:Loco M5 radios are all kinds of awesome. I've literally never had a problem with the pairs I've put up. They are as close to set-and-forget as you can be. I need more bandwidth.. as high as possible without breaking the bank. Something like this looks good.. but I am not that familiar with their stuff: http://www.amazon.com/Mikrotik-RBSX...rds=mikrotik+ac redeyes fucked around with this message at 03:09 on Jul 15, 2015 |
|
#
?
Jul 15, 2015 02:51
|
|
|
Oh look, v6.30.1 was released six days later and two of the fixes in the changelog are exactly the issues I've been running in to while setting up a new router. 
|
|
#
?
Jul 18, 2015 04:18
|
|
|
Sooo, I finally got one and set it up this morning. Things are running well, with PPPoE set up and a couple of ports forwarded, but then I looked at the log.  What the hell is that? (Ignore the time stamps, I had the clock set wrong.) Should I expect more of this, and if so, how should I stop it?
|
|
#
?
Jul 20, 2015 02:02
|
|
|
Probably just bots trying to drive-by hack you. If you don't need telnet (you probably don't), disable it. Also consider adding firewall rules to drop incoming packets from the outside world on SSH and Web ports, unless you really need to log into the Mikrotik itself remotely. As long as the VPN is working, you can just connect to it, then to the unit itself from "inside".
|
|
#
?
Jul 20, 2015 02:18
|
|
|
Okay, I'll turn off telnet. Can you point me at and/or write an example of how to block external packets from hitting SSH or webUI ports? I'm a fast learning, but I often need a good example to crib off of. I haven't set up the VPN yet, but I'll get to that. I hear you on how that functions vis a vis remote access and security.
|
|
#
?
Jul 20, 2015 02:24
|
|
|
Unless you wish to log into your router remotely, it would be worthwhile adding a firewall rule dropping all traffic on the input chain with an in-interface of whatever port you're using for wan. This won't affect your NAT rules. If you need to allow specific things you can add an allow rule before the drop.
|
|
#
?
Jul 20, 2015 09:08
|
|
|
ROS newbie here. I have no need of remote administration, and my WAN interface is pppoe-out1. Could you help with some syntax or do-this-in-Winbox example?
|
|
#
?
Jul 20, 2015 16:34
|
|
|
Tapedump posted:ROS newbie here. I have no need of remote administration, and my WAN interface is pppoe-out1. http://wiki.mikrotik.com/wiki/Manual:Default_Configurations#Firewall.2C_NAT_and_MAC_server Try that with pppoe-out1
|
|
#
?
Jul 20, 2015 17:14
|
|
|
Tapedump posted:ROS newbie here. I have no need of remote administration, and my WAN interface is pppoe-out1. Telnet into your router or use Winbox to get in. Open a terminal window and drop this in: /ip firewall filter add action=drop chain=input dst-port=23 in-interface=pppoe-out1 protocol=tcp That will drop inbound TCP packets on the port used by telnet. You can also turn off telnet access entirely by going to IP -> Services and disabling the telnet service in there.
|
|
#
?
Jul 23, 2015 00:04
|
|
|
|
| # ? Jun 5, 2024 06:50 |
|
|
Thank you all for your replies. I have followed and learned from the guidance. Now, the last thing is get a L2TP/IPsec VPN set up. I can get the VPN server running, and connect from it remotely, but I cannot ping/see/access anything other than the router. As is, I connect seemingly fine (getting assigned the IP address 192.168.115.88 I chose), I can bring up the router's Web GUI and ping its LAN address (192.168.115.1) but that's it. I can't ping the file server (192.168.115.99) or use its services (RDP, SAB, SickBeard, etc.). For lack of knowledge, I used these guides for reference: http://www.nasa-security.net/mikrotik/mikrotik-l2tp-with-ipsec/ http://ourhat.com/how-to-configure-vpn-with-l2tp-and-ipsec-using-mikrotik-router/ I recall that it was said that in my WAN interface I need to change ARP to proxy-arp or I would have this exact problem. But, when I did so to pppoe-out1, Internet wouldn't work. I see referenced arp-proxy on ether1, but I'm using PPPoE, so...?
|
|
#
?
Jul 23, 2015 01:31
|
|