All,
Am I missing something here. I just want to configure a 750 as a simple
router. I ripped out all nat and FW rules and I have set my default 0.0.0.0
route.
What else am I missing?
-- next part --
An HTML attachment was scrubbed...
URL:
Yup,
It is finally working - sheesh.
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20140804/fd572d2e/attachment.html
___
Mikrotik mailing list
-port=3074
in-interface=ether1-gateway protocol=udp to-addresses=192.168.200.93
to-ports=3074
[admin@RB2011UAS-2HnD] /ip firewall nat
*Jerry Roy*
Sr. Systems Engineer
MTCNA/MTCRE/MTCTCE
1 949 681 5054
1 562 305 9545 Cell
Unity Network Services
*An iPass Company*
125 Technology Drive
Suite 100
Yes, Its the WAN IP.
I believe I still have the default rules in there. I removed the dest
address from the rule but still same issue.
I keep getting a syn sent in the connections log.
*Jerry Roy*
Sr. Systems Engineer
MTCNA/MTCRE/MTCTCE
1 949 681 5054
1 562 305 9545 Cell
Unity Network
!
*Jerry Roy*
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20140611/5d5dde95/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http
Working? :)
*Jerry Roy*
Sr. Systems Engineer
MTCNA/MTCRE/MTCTCE
1 949 681 5054
1 562 305 9545 Cell
Unity Network Services
*An iPass Company*
125 Technology Drive
Suite 100
Irvine, CA 92618
On Mon, Apr 7, 2014 at 11:26 AM, Rick Smith onyx3...@gmail.com wrote:
Doylestown = Spoke side
Look at your Nat if this is split tunnel.
You should nat thru tunnel and masquerade to internet
*Jerry Roy*
Sr. Systems Engineer
MTCNA/MTCRE/MTCTCE
1 949 681 5054
1 562 305 9545 Cell
Unity Network Services
*An iPass Company*
125 Technology Drive
Suite 100
Irvine, CA 92618
On Tue, Apr 8
Split tunnel means allow traffic destined to the other end to be encrypted
and all the remaining traffic defined straight to the internet vs. single
tunnel which all traffic is encrypted and sent thru the tunnel to the other
side. After I looked at it, you do have split tunnel ;)
*Jerry Roy*
Sr
send an export of the spoke side.
Thanks
*Jerry Roy*
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20140407/898400f2/attachment.html
___
Mikrotik mailing list
Looks like the attachment was scrubbed. email to j...@ipass.com, lets see
if that will work :)
*Jerry*
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20140407/3a921920/attachment.html
=10.94.64.16/29 dst-port=any
ipsec-protocols=esp level=require priority=0 \
proposal=juniper protocol=all sa-dst-address=216.231.x.x
sa-src-address=0.0.0.0 src-address=5.1.0.8/32 src-port=any \
tunnel=yes
[admin@SVNCHS-xxxcity]
Thanks for your input as always.
*Jerry Roy*
Sr. Systems
On Fri, Jan 24, 2014 at 4:46 PM, Josh Luthman
j...@imaginenetworksllc.comwrote:
162.93.0.0/16
216.231.198.0/24
Only these networks should be allowed. All else denied.
*Jerry Roy*
Sr. Systems Engineer
MTCNA/MTCRE/MTCTCE
-- next part --
An HTML attachment was scrubbed
Ok, done. Makes sense and clean but how do I create the drop rule? What are
we dropping? The only networks I have defined are allowed and my default
drop input rule is denying other subnets/IP's that I have attempted access
from. Is there something else you are recommending?
*Jerry Roy*
Sr
protocol=tcp
add action=drop chain=input comment=default configuration disabled=no
in-interface=ether1-gateway-static
*Jerry Roy*
Sr. Systems Engineer
MTCNA/MTCRE/MTCTCE
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik
to 8443 on the WAN?
*Jerry Roy*
Sr. Systems Engineer
MTCNA/MTCRE/MTCTCE
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20140127/494a18ab/attachment.html
to-addresses=0.0.0.0
Thanks,
*Jerry Roy*
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20140124/a2d2421c/attachment.html
___
Mikrotik mailing list
Mikrotik
=!
192.168.98.0/24\
new-packet-mark=ELSE_OUT out-interface=ether2-master-local
passthrough=no
*Thanks,*
*Jerry Roy*
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20140114/ca65d4e6/attachment.html
Is it possible to configure Hotspot capability on RB750 in and out of the
same interface? What I mean is router on a stick
*Jerry Roy*
Sr. Systems Engineer
MTCNA/MTCRE/MTCTCE
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail
Anyone have free or discounted passes to Wispapalooza? I really want to go
to see all the hulabaloo and take an IPv6 Class but its all out of my own
pocket. I need to save some money on this trip. Anyone?
Thanks in advance for your responses and consideration.
*Jerry Roy*
Sr. Systems Engineer
as well have a look. $300 is a LOT of money just to be curious.
That's 1 night in a good hotel or two in a NTS (Not too shabby) :)
*Jerry Roy*
Sr. Systems Engineer
MTCNA/MTCRE/MTCTCE
1 949 681 5054
1 562 305 9545 Cell
Unity Network Services
*An iPass Company*
125 Technology Drive
Suite 100
Thanks Josh,
It is very helpful.
Much appreciated :)
*Jerry Roy*
Sr. Systems Engineer
MTCNA/MTCRE/MTCTCE
1 949 681 5054
1 562 305 9545 Cell
Unity Network Services
*An iPass Company*
125 Technology Drive
Suite 100
Irvine, CA 92618
*Read and share our white paper - *The Next Generation
I have tried and it keeps saying wrong password. What are you using for
password?
*Jerry Roy*
Sr. Systems Engineer
MTCNA/MTCRE/MTCTCE
1 949 681 5054
1 562 305 9545 Cell
Unity Network Services
*An iPass Company*
125 Technology Drive
Suite 100
Irvine, CA 92618
*Read and share our white paper
could respond to from the terminal
to see if I can complete the registration process is https.
https://attreg.att.net/CDSLRegWeb/CDSLRegController
Now I was going to see if I could proxy my browser thru the MT and respond
:)
Any ideas on how to do this would be great :)
*Jerry Roy*
Sr. Systems
We have 4 att locations that will not encrypt ipsec traffic in both
directions. We see traffic from MT to our Juniper Head End bytes increasing
under the SA but ZERO bytes increasing coming back. We believe it has to do
with an att registration page that was not utilized during the self install
by
the
traffic is being denied somewhere else down the link on its way back to the
MT.
Keep us posted on the Los Angeles training! ;) I sure hope you can fit the
IPv6 in at that time as well!
*Jerry Roy*
Sr. Systems Engineer
MTCNA/MTCRE/MTCTCE
1 949 681 5054
1 562 305 9545 Cell
Unity Network Services
Sorry All,
Jumped the gun. I see it is under system users via the winbox but just
users via the cli.
Thanks :)
*Jerry Roy*
Sr. Systems Engineer
MTCNA/MTCRE/MTCTCE
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik
disabled=no group=full
name=admin password=Jeckle
add address= comment=Customer Read Only disabled=no group=read
name=csadmin password=hyde
Thanks,
*Jerry Roy*
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments
Hi Rick,
Your script would be kindly appreciated here as well.
Thanks,
*Jerry Roy*
Sr. Systems Engineer
MTCNA/MTCRE/MTCTCE
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20130206/42ad6d53/attachment.html
OK,
I believe I have an accurate file and commands in the proper order but when
I load based on the command steps listed below, the Neighborviewer only
shows a 0.0.0.0 IP address. There are no log files on the 750. If I paste
the file Line by line, It configures correctly but I have to paste it
-applied.
Is the order of the commands what is causing portions to not be imported?
Does anyone have a document that explains what the best order the commands
should be in?
Any other Ideas?
*Jerry Roy*
-- next part --
An HTML attachment was scrubbed...
URL:
http
only message is:
Script file loaded successfullyfailure: pool with such name exists
*Jerry Roy*
-- next part --
An HTML attachment was scrubbed...
URL:
http://www.butchevans.com/pipermail/mikrotik/attachments/20121108/a0e1d581/attachment.html
Was that in a previous e-mail? I may have missed that. Can you resend?
*Jerry Roy*
-- next part --
An HTML attachment was scrubbed...
URL:
http://www.butchevans.com/pipermail/mikrotik/attachments/20121108/c56789fa/attachment.html
I also tried this process and I am directly connected on port 5 to the 750.
http://wiki.mikrotik.com/wiki/Manual:Flashfig
Does NOT work. Pretty frustrating that just uploading a text file with a
complete config can be unsupported by such a power product.
Thanks for your help.
*Jerry Roy
but it never reloaded and
has zero bytes in the log file.
Any help would be greatly appeciated.
*Jerry Roy*
-- next part --
An HTML attachment was scrubbed...
URL:
http://www.butchevans.com/pipermail/mikrotik/attachments/20121107/e86a5f84/attachment.html
rename sanitized-fullconfig.rsc to fullconfig.rsc
*Jerry Roy*
-- next part --
An HTML attachment was scrubbed...
URL:
http://www.butchevans.com/pipermail/mikrotik/attachments/20121107/7e473f16/attachment.html
-- next part --
A non-text attachment
add interface=ether5-slave-local
[admin@CS750-10]
*Jerry Roy*
Sr. Systems Engineer
MTCNA/MTCRE/MTCTCE
http://www.ipass.com/ http://www.ipass.com/
1 949 681 5054
1 562 305 9545 Cell
Managed Network Services
*An iPass Company*
125 Technology Drive Suite 100
Irvine, CA 92618
*Read and share our
=any tunnel=yes
add action=encrypt disabled=no dst-address=10.94.64.16/29 dst-port=any
ipsec-protocols=esp level=require priority=0 proposal=\
juniper protocol=all sa-dst-address=216.231.x.x sa-src-address=0.0.0.0
src-address=192.168.100.0/24 src-port=any tunnel=\
yes
*Jerry Roy*
Sr
Thanks Josh,
I will definitely filter next time :)
Jerry
-- next part --
An HTML attachment was scrubbed...
URL:
http://www.butchevans.com/pipermail/mikrotik/attachments/20120925/cfc6068f/attachment.html
___
Mikrotik mailing
server.
Thanks in advance for your insight
*Jerry Roy*
Sr. Systems Engineer
http://www.ipass.com/ http://www.ipass.com/
1 949 681 5054
1 562 305 9545 Cell
Managed Network Services
*An iPass Company*
125 Technology Drive Suite 100
Irvine, CA 92618
*be well connected*
*iPass.com/blog* http
39 matches
Mail list logo