The trick is to first DISABLE the 'load last session' option in the Winbox
loader, then go into the respective session, arrange the windows accordingly
and then press exit.
Now ENABLE the 'load last session' for the particular router and go back in and
the settings should be retained.
-O
So I was wrong, thanks for the correction Butch
--
Regards
Hilton
-Original Message-
From: Butch Evans
For others that answered, the rule that Ty posted IS the right format
and in the right chain.
___
Mikrotik mailing list
Mikrotik@mail.but
Your rule will only work in the forward chain, DHCP packets aren't routed
.
Sent whilst mobile...
Ty Featherling wrote:
Can someone confirm that you CANNOT manage traffic FROM the DHCP Server on
a Mikrotik with IP Firewall?
To test this I added the rule:
add action=log chain=output disable
Suwanto, what you could do is assign a specific IP address range for the VPN
clients, then add a routing rule to either block them or to route back via
their own route.
--
Regards
Hilton
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butch
I think will work for the Wiki.
https://www.mikrotik.com/client/registeruser.php
--
Regards
Hilton
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Wayne Hancock
Sent: 10 October 2013 14:51
To: Mikrotik discussio
I thought version 4 only went as far as 4.17?
--
Regards
Hilton
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of ralph
Sent: 06 August 2013 15:10
To: 'Mikrotik discussions'
Subject: Re: [Mikrotik] Need copy of 4.9
Just set Outlook to NOT remove line breaks.
--
Regards
Hilton
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Jerry Allen
I hate Outlook at times :)
On Jun 28, 2013, at 11:12 AM, "Jerry Allen" wrote:
> For some
I was going to use it to power a USB 3G modem with the appropriate adapter.
--
Regards
Hilton
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Tayeb Meftah
hey guys,
what's the use of the Micro USB controler in RB2
Just enable the web proxy and add the required domains to the access section
with a redirect to the site of your choice.
I do this for all port 80 when a client has not paid. They get to my 'suspended
account' page.
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mail
Thanks Andrew.
So what you're saying is that I can regularly download a list of my local IP
addresses, then scrub them with the appropriate RouterOS settings and then
upload to a FTP server for automatic download/update from my customers' routers?
--
Regards
Hilton
-Original Message-
We have installed this and I am thinking of using it to dump logs and queue
usage stats. plug a 250GB usb drive to alleviate the loss of info after a
reboot.
Let's see what happens.
- Original Message -
From: Josh Luthman [mailto:j...@imaginenetworksllc.com]
Sent: Wednesday, January 25,
No the solution is to use Google Groups that will filter out the 'out of
office' replies. Or at least most of them.
--
Regards
Hilton
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Josh Luthman
Sent: 22 November
I "think" ether1 cannot be used in 'slave' mode but other than
that...
--
Regards
Hilton
082.572.9619
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Jeromie Reeves
Ok so /someone/ mixed up so
I use it every day to switch on various computers. Works like a dream.
--
Regards
Hilton
Sent from Samsung Mobile
Chupaka wrote:
RouterOS can send WoL packets - have anybody tested it?
2011/7/16 Jeromie Reeves
> You can do WOL from the 'net. You need to put the target in the DMZ
> generally a
What you need to do is switch on the web proxy, then create a log prefix
especially for this and watch the results. You'll soon see who is using what.
If however you already know which IP is the culprit, then just redirect only
this via the web proxy for further analysis in the logs.
I've attac
Won't a reboot sort this out?
--
Regards
Hilton J Ralphs
Think Technologies
-Original Message-
From: Damai
What I want to delete is the routing-table name, so when I access via
winbox
and want to change to another routing table, it doesn't show up all the
unused
routin
Couldn't agree more, 4.11 seems to be very stable.
--
Regards
Hilton
082.572.9619
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Chris Gotstein
Been running 4.11 on all our APs for quite a while now. Been very
No use 4.5 or 4.6 is pretty stable but I run 4.10 on my own routers and so far
so good.
--
Regards
Hilton J Ralphs
Think Technologies
-Original Message-
From: Rory McCann
So would the general consensus be that 4.TEN is the best build to run in
the 4 series or is there another build
Thanks Andrew!
--
Regards
Hilton J Ralphs
Think Technologies (Pty) Ltd
082.572.9619
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Andrew Cox
Just some heads up for anyone who's interested in my wo
Come on Josh, Rick is asking you for help.
--
Regards
Hilton J Ralphs
Think Technologies
-Original Message-
From: Josh Luthman
I don't get any phone calls about it.
On Mon, May 31, 2010 at 1:57 PM, RickG wrote:
> Its strange because I hear XBox works fine on my network (it
Thanks Kurt, whilst I don't have a Cisco box, your config helped me connect two
Mikrotik routers together, something I was having a problem with.
Thanks again.
--
Regards
Hilton
082.572.9619
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.bu
No it was only available on request.
--
Regards
Hilton
082.572.9619
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Josh Luthman
___
Mikrotik mailing list
Mikrotik@mai
Rory, you need to look at L2TP and then possibly EOIP in the tunnel. This would
keep your subnets intact. Just create a netwatch to check the wireless link and
when it fails fire up the L2TP client to 'phone home'.
--
Regards
Hilton J Ralphs
Think Technologies
-Original Message
I'm sure there's supposed to me another rule. Something like masquerade your
local IPs to that destination port (80).
--
Regards
Hilton
082.572.9619
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Rory McCann
Jo
Not sure why that guy is using the bridge like he is but there is a new mangle
mark called "no mark" which is essentially everything you don't specifically
mark. So mangle traffic for HTTP (connection and packet marking) and then
set-up queues for HTTP and "no mark", giving HTTP the higher prior
I only use Sam's (changeip) scripts on all my routers.
Works like an absolute charm.
Josh what did you battle with?
--
Regards
Hilton J Ralphs
Think Technologies
-Original Message-
From: Josh Luthman
ChangeIP has a MT script and service. I could not get it to work
reliably wi
else who understands the proper way to start a
signature!
--
Regards
Hilton J Ralphs
Think Technologies
-Original Message-
From: Butch Evans
Why they are making these upgrades free, or if it will continue is something
that is unclear (at least to me
Loaded it just now and mixed results.
--
Regards
Hilton
082.572.9619
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Andrew Cox
Woohoo! Been looking forward to this for so long :-D
Oh and no this isn't an April
Yes but only if you are stupid enough to generate silly three character
passphrases. Do the maths, a 26 character PSK will take AGES to crack,
especially if you're using a combination of all 26 letters, upper and lower
case (52) plus numbers (10), plus extended ACSII (32 looking at my keyboard).
You will need it set if any of your clients connect via a VPN and then want to
reach another user on the same subnet.
--
Regards
Hilton J Ralphs
Think Technologies
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com
TJ, why the need for the fragmented IP ranges?
Unfortunately as Josh previously suggested you won't be able to make it into a
/23.
If you need 500 odd addresses you either need to have an address range of;
192.168.0.0/23
Usable IPs
192.168.0.1 - 192.168.1.254
Or
192.168.2.0/23
Usable IPs
192
It works now and it's called hairpin NAT.
I just setup an example to test for the OP.
--
Regards
Hilton J Ralphs
Think Technologies
-Original Message-
From: Josh Luthman
Sent: 15 March 2010 19:41
Nor do I. Butch told me that is what causes the problem that he and I
share. =
You need to add these rules;
/ip firewall nat add chain=dstnat action=dst-nat to-addresses=192.168.0.100
protocol=tcp
dst-address=!192.168.0.0/24 dst-address-type=local
/ip firewall nat add chain=srcnat action=masquerade protocol=tcp
src-address=192.168.0.0/24
dst-port=21,20
This s
I think you need port 20 AND 21 and then perhaps enable it under /ip /services.
--
Regards
Hilton
082.572.9619
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Vadkan Jozsef
Does routeros need an ftp conntrack modu
Anto, this is exactly how changeip works. Create a free ChangeIP domain name
and then in your abc.com zone, create a CNAME to point to that new 'domain'.
Easy.
--
Regards
Hilton
+2782-572-9619
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.
I'm afraid I don't but at HQ there must be at least 30 users. All sites have
4mb DSL connections with 512kb upload.
--
Regards
Hilton J Ralphs
Think Technologies
-Original Message-
From: Chris Gotstein
Do you know about how much bandwidth you are pushing throug
I have a client with 4 remote sites connecting via L2TP. Across the tunnels I
run POP3 mail, RDP sessions to terminal server including printing back to
local printers and file sharing. www breakout is at each site. HQ is RB433AH,
others are RB433.
No hassles so far.
--
Regards
Hilton J
Tools, Graphing, Interface Rules.
--
Regards
Hilton
+2782-572-9619
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Scott Reed
Sent: 02 February 2010 14:53
To: Mikrotik discussions
Subject: Re: [Mikrotik] Ethernet p
I decided to try one of the R52N cards in my home router to use as an AP.
It's c...@p.
My cell phone constantly disconnects due to the wireless suddenly becoming
"unavailable".
The old R52H card never gave me a second's worth of trouble in the last two
years. I'm sorry now that I moved it onto
Most switches operate at the data link layer and therefore don't know about
layer 3 issues like IP addresses.
Your IP packets would be encapsulated in a frame with only MAC addresses being
known to the switch.
So having said all this I don't think you will have an issue.
--
Regard
Are you simply referencing the script in question in the scheduler or are you
trying to run the script within the scheduler?
The latter won't work in the later versions.
In terms of the policies, I have write, read, policy and test checked.
Regards
Hilton J Ralphs
Think Technol
You can't use ether1 in the switch configuration (I think because it's POE).
Basically it's ether1 for WAN and ether2 - 9 for a simple 8 port switch
Regards
Hilton J Ralphs
Think Technologies
From: mikrotik-boun...@mail.butchevans.com
You may want to check this out;
http://forum.mikrotik.com/viewtopic.php?f=2&t=33603&hilit=ssh
--
Regards
Hilton
+2782-572-9619
-Original Message-
Can I somehow SSH tunnel to a RouterOS?
___
Mikrotik mailing list
Mikrotik@mail.butchevans.co
But then you run into different MAC address issues. Perhaps a better way is to
export the various sections (as opposed to a root export) and then import
(paste) in the correct order (i.e. first import the part where you change the
interface names then firewall rules).
--
Regards
Hilton
+2782-5
No
Any admin worth his salt won't be using HTML to compose emails regarding a
technical issues on a technical mailing list. Talk about a fau'par!
Keep the HTML email for sending love letters to your Granny. For heaven's sake
man do these people not k
I've now switched to Google DNS and no problems (of course) but now I can't use
the OpenDNS content filter.
Sigh!
--
Regards
Hilton
+2782-572-9619
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Mike Hammett
Wha
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Butch Evans
> If you bridge, the IP belongs on the bridge. If you will be routing,
> the IP goes on the interface (obviously).
>> What's the difference between assi
Assuming of course your IP address is static. If it's dynamic then you need a
computer on the inside that is always on to update the IP. Unfortunately unlike
changeip.com or dyndns.com opendns.com requires a https connection to update
its clients.
Unless of course someone's managed to get this
You need to search through the Mikrotik forums as there is definitely
information about this somewhere there.
--
Regards
Hilton
+2782-572-9619
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Doug Clark
Sent: 17 N
.com)
Hilton J Ralphs wrote:
> Yes this is how it works.
>
Hrm, something isn't right then somewhere because this behavior doesn't
exhibit itself on the rest of my network(s). Its just this one router.
___
Mikrotik mailing list
Mikrotik
Yes this is how it works.
--
Regards
Hilton
+2782-572-9619
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Kriss (Nebonet.com)
Anyone have the problem where proxy-arp will cause a tik to prevent
other ip addresse
I simply don't enable port 22, well at least from only a 192.168.0.0/16 range.
If I need to access the router via SSH I just connect via VPN and then SSH from
there.
--
Regards
Hilton
+2782-572-9619
-Original Message-
From: Butch Evans
In my classes, I discuss a particular method of c
The IP needs to be somewhere on the LAN preferably. The default gateway would
be the most obvious but if your internet comms are down, you don't want the
router rebooting every five minutes. So yes the IP of an AP would be good.
What is not good is that your watchdog-timer is set to 'on' and it'
According to the manual the system will reboot after 6 sequential pings to the
given IP address fail.
My experience is more with the hardware watchdog timer as mentioned in my
previous post. This certainly works and more than often I'm not even aware that
there was a problem (behind a router an
If you set the 'watchdog-timer=yes', it will reboot the routerboard if it is
unresponsive for more than a minute.
This should work for you.
--
Regards
Hilton
+2782-572-9619
-Original Message-
On Behalf Of Josh Luthman
I had a RB493 lock up today creating some down time.
Would it be w
55 matches
Mail list logo