any guy willing guide how to block user access facebook from phone? i was set the L7 protocal block is work 100% from pc. but user still can access the facebook from the phone / app. how to going to block them as well? can share with me about your firewall rules through?

I don't use Fortigate. My customer had a 50B (maitenance contract expired), but having issues with it. Sometimes on heavy load, it will just "lag". After disabling almost every feature... it still lags. The latency on peak period could be like 10 secs before there is a response. He told me, company started small, but at this size maybe the Fortigate cant handle the load. In the forum, some said to flash to earlier firmware, which are more stable and efficient...

In the end, we just test with my "standby/testing" 751G on 40+ users. No more issues with "lag". Waiting for them to order a RB2011UAS. The issue now is they using those home grade wireless routers as AP. Some would just "hang" when too many users try to connect. Told them to get some Ubiquiti APs, but customer said will upgrade in stages because of limited budget. Will implement a 2 VLAN on 2 seperate broadband services when the 2011UAS comes in with backup failover. Total users should peak at 60+.

Back to your GB issue, I agree that it should just work out of the BOX. Not sure about the Auto-Neg issue (just goggle it). My 751G and 750G no issues when connecting to GB Switch. I just checked 2 of my customers RB2011, also no issue when connecting to GB Switches. However I noticed that the GUI is only showing 100MB, while when I use command line, it shows GB with Full Duplex.

Did you know there is a "master port" on the Mikrotik, features where the ports are linked together like a "switch" giving you wire speeds, without any CPU utilization. If the packet is NOT meant for the switch (layer 2), it will pass to router (layer 3). I would suggest "switching" the ports together reducing the CPU usage and getting closer to Wire speed. When you test your throughput, remember to enable the "master port". And if you could, disable it and see what is the difference

And in Mikrotik got Traffic Flow (IP-> Traffic Flow) feature, where it is NetFlow compatible. I think they support V5 and V9 of netflow. What software you use to monitor? I am using PRTG. Is there a better one?
If you want to pinjam my "standby/testing" 751G unit, you can after I install for my customer next week.

these phone is using correct by our office network, of coz i understand they still can using their data to access these, but i just want to block these when they using our network. any idea ?

Hmmm... I am running it behind my NAS and I am not getting consistent speed with LACP. Perhaps have something to do with this auto negotiate issue. From the thread you posted, someone mentioned that the problem have not been sorted yet.

I have just installed the RB2011UAS and checked all the 5 GB ports using 2 laptops (with GB connection) and finally to a 24 Dlink GB Switch. No issues with auto neg.

I think this is issue only between routers....

I have just installed the RB2011UAS and checked all the 5 GB ports using 2 laptops (with GB connection) and finally to a 24 Dlink GB Switch. No issues with auto neg.

I think this is issue only between routers....

I have just installed the RB2011UAS and checked all the 5 GB ports using 2 laptops (with GB connection) and finally to a 24 Dlink GB Switch. No issues with auto neg.

I think this is issue only between routers....

The NAS is connected with bonding (802.3ad) to 2 ports and my computer with another 2 of the 5 gigabit ports the rest of my equipment are connected to the lan ports. No issues with auto negotiation just not getting above 100MB/sec speeds from my NAS, in fact is worst than a single connection. Tried all possible settings I can see. Not too sure where is the bottleneck. Any ideas the best way to check.

what NAS are you using ?? the bonding configured in the NAS already ?

found this too

http://wiki.mikrotik.com/wiki/Manual:Inter...Bonding#802.3ad

These are the settings on the NAS

Seems pretty normal to me. Perhaps the bottleneck is on the NICs.

can I use RB2011 and plug a SFP tranceriver to totally replace the Fiber modem that come with Unifi/Maxis FTTH?

These are the settings on the NAS



and on Mikrotik.



Seems pretty normal to me. Perhaps the bottleneck is on the NICs.

You may want to try get a dummy gigabits switch and try from your nas to workstation see it is better. I did read before the performance of gigabits performance are bad in mikrotik (can't confirm the model), I briefly read it in the mikrotik forum.

My home mikrotik priority is get the external antenna working but  this Mikrotik don't work as it claim!!!! Really pain in the azz. maybe I should do what the other did, solder another connector for the internal antenna and extend it.

Yes it's a Syno box running SHR-1 which is similar to Raid5. Single connection to the box can hit 100MB++/sec easily on this router. Running SSD on my computer so peaking close to advertise 200MB/sec from the NAS should be possible or at least close to it. Unfortunately i do not have any switch that supports 802.3ad. Normal switches can't do the job.

i think this would be the fastest, there is a small connecter inside that is connected to the internal attenna ?

http://www.edccomp.com/converter/323-anten...751u-2hnd-.html
rb250g can do 802.3ad ?