Use the 10.1.1.254 default IP, as it doesn't change with the mode. For
that...
/ip address add address=10.1.1.1/24 interface=connected-to-epmp
/ip firewall nat
add chain=dstnat dst-address=PUBLIC protocol=tcp dst-port=80
action=dst-nat to-address=10.1.1.254
add chain=srcnat dst-address=1
If the routing and everything is correct, but the default gateway on
your radio is gone, you can add this NAT rule to make all the traffic
look like it's coming from your router (on the same subnet), bypassing
the effect of the incorrect gateway...
/ip firewall nat add chain=srcnat dst-address
On 01/23/2014 11:33 PM, Scott Lambert wrote:
On Thu, Jan 23, 2014 at 11:09:16AM -0800, Kristian Hoffmann wrote:
Not sure if this applies to your configuration, but I recently ran into
the same symptom in two similar cases. The short version is, regardless
of what the config and logs say, the
On 01/23/2014 11:58 PM, Butch Evans wrote:
This is true if you set the "generate policy" option in the IPSec
Peer. If you manually configure the policy, you define the source IP
to be used as the "SA Src Address" field. While I haven't tried it, I
would imagine that some creative policy rou
Not sure if this applies to your configuration, but I recently ran into
the same symptom in two similar cases. The short version is, regardless
of what the config and logs say, the IPSec packets will have a source IP
of the pref-src value for the route matching the IPSec endpoint. Example...
Does the RJ45 connector still break off if you look at it funny?
-Kristian
On 05/30/2013 07:13 AM, Jon Paul Kelley wrote:
I have been having very good luck with the RB711UA-2HND. It has the
integrated radio card and the performance has been very stable for me when
running as an AP.
Jon Paul Ke
Hi,
Just happened across this recently and thought, who would want to
rackmount three RB750s? I guess that answers my question. ;-)
http://www.ispsupplies.com/Home/IE-750S-RMA.html
Regards,
-Kristian
On 08/09/12 03:31, Antonio G. Sánchez Funes wrote:
Hello all,
Do you know who can provid
On 10/05/2011 11:23 AM, Simon Westlake wrote:
System->Logging
Actions tab
Double click 'Remote'
Define src address
Arg! Thanks for pointing that out.
-Kristian
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/
.
I had a 750 do that and it turned out to be a bad cap. I replaced the
cap for kicks and it worked again. Still, definitely not ideal.
--
Kristian Hoffmann
System Administrator
kh...@fire2wire.com
http://www.fire2wire.com
Office - 209-543-1800 | Fax - 209-545-1469 | Toll Free - 800-905
On 09/22/2011 02:42 PM, Chupaka wrote:
I was using this unnumbered way in v3, I believe... Or maybe 2.9... Years
ago :)
Well fine then, forget everything I said. ;-)
-Kristian
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butcheva
I forgot to mention that I'm pretty sure adding unnumbered addresses in
this way is only supported supported in ROS 5.x.
-Kristian
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik
Visit http://
. Then you can assign addresses to any
POP from the same subnet. We've used this method to convert a bridged
WISP to routed, but that's another subject entirely.
HTH,
--
Kristian Hoffmann
System Administrator
kh...@fire2wire.com
http://
A authentication and works with
RouterOS. You'll also probably want to wrap the login and cmd calls in
an eval block and trap authentication or other spurious errors if this
is for something non-interactive.
Regards,
--
Kristian Hoffmann
System Administrator
kh...@fire2wire.com
http://ww
have a
ticket open with MT?
Thanks,
--
Kristian Hoffmann
System Administrator
kh...@fire2wire.com
http://www.fire2wire.com
Office - 209-543-1800 | Fax - 209-545-1469 | Toll Free - 800-905-FIRE
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http:
er cycled, they boot up without problems and are running
5.5. I've upgraded ~200 RB411's of various flavors to 5.5 so far and
haven't seen the same problem there.
Has anyone else seen the RB493 problem?
--
Kristian Hoffmann
System Administrator
kh...@fire2wire.com
http://www.f
nyone seen this, and is there a way to avoid it? The RB firmware was
up to date at v2.29 prior to the upgrade.
Thanks,
--
Kristian Hoffmann
System Administrator
kh...@fire2wire.com
http://www.fire2wire.com
Office - 209-543-1800 | Fax - 209-545-1469 | Toll Free - 800-905
On 08/15/2011 11:25 PM, Martín Ruiz [Ibersystems.es] wrote:
I hope this helps
Replacing U601 looks like fun...
http://www.youtube.com/watch?v=c_Qt5CtUlqY
Does anyone actually go through the trouble in-house, or is the problem
usually not the ethernet transceiver itself?
-Kristian
; Подпись:
> (добавляется в конце всех исходящих писем)
>
>
>
> 2011/8/9 Kristian Hoffmann
>
> > Walking the routing table via SNMP on a MikroTik with many routes seems
> > to be a bad idea. I tried it with our MikroTik pulling a full feed from
> > our upstream
> Kristian,
>
> We use Zenoss also. Where did you disable RouteMap at?
>
> Terri Kelley
> Network Engineer
> 254-697-6710 x 1140
> Farm to Market Broadband
>
>
>
>
> On Aug 9, 2011, at 12:20 PM, Kristian Hoffmann wrote:
>
> > Walking the routing table
Walking the routing table via SNMP on a MikroTik with many routes seems
to be a bad idea. I tried it with our MikroTik pulling a full feed from
our upstream, and I rebooted the router just before it depleted all 2GB
of RAM. It normally sits at 1.7GB free. As soon as our NMS started
walking the r
In my experience, you can't bridge the untagged interface on a MikroTik
if you have VLAN interfaces on that same interface. For example...
/in br add name=test
/in br port add bridge=test interface=ether1
/in vlan add interface=ether1 vlan-id=10 disabled=no name=ether1.10
In this example, ether1
't
find the problem, but they looked at our configs and setup a test to
confirm that NSSA support does work as expected. We produced the same
test and applied the differences until it broke to find the cause.
--
Kristian Hoffmann
System Administrator
kh...@fire2wire.com
http://www.fire2wire
ranslating them
to type-5 LSAs an injecting them into the backbone.
Has anyone been able to successfully redistribute static/connected
routes learned from within a NSSA into the backbone area? If so, would
you care to share to appropriate incantations?
Thanks,
--
Kristian Hoffmann
System Administ
Routes and address learned via DHCP show up as dynamic as well. Do you
have a DHCP client running on ether1 (/ip dhcp-client print)?
-Kristian
On Wed, 2011-01-05 at 13:00 -0700, Craig Baird wrote:
> We've got a private school on our network that has an MT router that
> we set up for them. For
Note that :execute runs asynchronously, so you can't assume that it will
complete before the next line in the script (which is handy
sometimes). :parse, does however. Instead of ":execute $cmd;" in your
example, you would do...
:local pCmd [:parse $cmd]
$pCmd;
I believe the trailing semicolon i
I don't know about the 411's, but we've had this problem with 532's. In
our case, it stopped rebooting when we set cpu-mode to regular from
power-save (/sys routerboard settings set cpu-mode=regular). I figured
keeping the clock rate up generated more heat preventing the ambient temp
in the case
Is it possible you drained the battery and under-volted the RB433? It
may be putting out 12.6v under no load now, but it could have dropped
during the storm. Is there a DC-DC converter or charge controller
between the batteries and your RB433 (e.g. something with a low voltage
disconnect)?
-Kris
If you have a static route, and you have OSPF set to redistribute
static, then your tunnel will flap as OSPF learns/unlearns the static
route over your physical/tunnel interface. I've solved this a couple of
ways.
I think the easiest way is to exclude the route in your ospf-in filter.
Something l
to each of the 15 routers.
>
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
>
>
> On Thu, Nov 18, 2010 at 6:03 PM, Kristian Hoffmann wrote:
>
> > If you upload a file via FTP with a name ending i
If you upload a file via FTP with a name ending in .auto.rsc, RouterOS
will automatically execute the contents and save the results in
*.auto.log. So... if you made a batch script they could run that
uploaded a script doing what you want, then it could be simplified to a
shortcut on someone's desk
Hi,
We have a dual processor x86 and an RB600 running VRRP together on 3.27.
There was a tx hang on the x86's ethernet interface, and VRRP did it's
job.
-Kristian
On Tue, 2010-11-16 at 17:36 +0200, james wrote:
> Hi Guys
>
>
>
> I am going to setup VRRP between two X86 machines running ROS V
In general, you cannot advertise prefixes longer than /24 (e.g. /29)
with BGP on the Internet. You may want to consider one of the failover
options available on MikroTik (multiple default routes with
check-gateway, netwatch scripts, etc.). I believe there are several
examples in their wiki, like.
parate tab for nstream (still?). What I did was choose the option
> >> that allowed all the above, and then nv2. Did not see a significant
> >> difference between them; at least on the bench. Both settings showed ~~
> >> 25Mbps both directions using the built-in spee
On Mon, 2010-09-20 at 15:09 -0700, Bill Prince wrote:
> Following that side track (nv2/nstream). The settings in the
> wireless section seem to be overlapping/redundant or something.
>
> Under the wireless tab, there is a selection for protocol (IIRC) where
> you can select nstream, nv2, or
ithout nstreme.
But, both work just fine with nv2. Very interesting.
--
Kristian Hoffmann
System Administrator
kh...@fire2wire.com
http://www.fire2wire.com
Office - 209-543-1800 | Fax - 209-545-1469 | Toll Free - 800-905-FIRE
___
Mikrotik mailin
Not sure about a list of specific addresses, but you can do a range like
this...
/ip firewall nat add chain=srcnat src-address=192.168.1.0/24
action=src-nat to-addresses=10.0.0.1-10.0.0.3
You could probably do specific addresses with the "nth" match, but I'm
not very familiar with that. Maybe
As I understand it, option 82 works by having some intermediate device
modify the DHCP request and adding option 82 with information that
identifies a particular customer/circuit. So in order to take advantage
of this in a wireless environment, you would need a CPE that could add
the option?
Just
Is it possible the public and private sides of your hotspot are
inadvertently bridged together either in the mikrotik config or
physically between switches?
--
Kristian Hoffmann
System Administrator
kh...@fire2wire.com
http://www.fire2wire.com
Office - 209-543-1800 | Fax - 209-545-1469
correctly). Adding custom data points and graphs has a bit of
a learning curve, but I don't think much more than with MRTG/Cacti/etc.
What is/isn't working?
--
Kristian Hoffmann
System Administrator
kh...@fire2wire.com
http://www.fire2wire.com
Office - 209-543-1800 | Fax - 209-
On Mon, 2010-01-04 at 16:06 -0400, Keith Barber wrote:
> Hoping to squeeze some info about when a link/interface changed states, I
> added topics=route,event. Which did get me that info. However, it also got
> me pages and pages of ospf changes.And they all come in multi-lines, so
> they
We looked into these guys...
http://zscaler.com/
The web interface is pretty nice, but they seem to still be figuring
things out a bit. You can setup a NAT rule on a MikroTik to redirect
all HTTP traffic to their proxy and use their service to filter just
about anything that runs over HTTP. The
valid.
So, you could probably put the whole script in the scheduler event, you
just need to make sure you wrap it in {}'s.
HTH,
--
Kristian Hoffmann
System Administrator
kh...@fire2wire.com
http://www.fire2wire.com
Office - 209-543-1800 | Fax - 209-545-1469 | Toll Free - 80
ill become a
regular thing, currently slated for every 6 months for the next 5 years.
Happy GISing!
--
Kristian Hoffmann
System Administrator
kh...@fire2wire.com
http://www.fire2wire.com
Office - 209-543-1800 | Fax - 209-545-1469 | Toll Free - 800-905-FIRE
I think I'm a bit late to the party, but here's the perl script that I
use to convert our MikroTik scripts from human-readable text files into
importable rsc files...
http://users.fire2wire.com/~khoff/txt2rsc.txt
Just rename it to txt2rsc.pl and call it like so...
perl ./txt2rsc somescript.txt
access a device via an interface even if
auto-negotiation fails, but I could be making that up. I've noticed
that by default on an RB433, for example, ether1 will be set to yes, and
ether2 and ether3 will be set to no.
Regards,
--
Kristian Hoffmann
System Administrator
kh...@fire2wire.com
ht
short preamble on a clean link (not
excessive retransmits) in an effort to increase overall throughput.
Here's a good link with a brief explanation and some more details...
http://www.intel.com/support/wireless/wlan/sb/CS-025317.htm
Regards,
--
Kristian Hoffmann
System Administrat
I believe it's referred to as the "bump in the stack" model. It can be
much harder to troubleshoot because there are no interfaces to point your
finger at, and packets don't strictly follow the routing table (or at
least not as you might expect). I find it much easier to let another
protocol do t
On Wed, 28 May 2008, Keith Barber wrote:
> Does anybody know if the the proxy in MT can send any data like the hotspot
> does?
I doubt it. The hotspot code replaces certain tags in its own template
files. It is unlikely that the proxy will do the same on some arbitrary
url.
> For instance, t
elieve it
until I saw it with my own eyes as "ping -s 3000 ..." would stop/start
working as I disabled/enabled IP connection tracking. And just to be
clear, this doesn't just affect packets destined for the router, but any
forwarded packets as well.
Hope that helps,
--
Kristian
49 matches
Mail list logo