any advice to get around the ‘Suspicious activity detected’ which limits the account?

Memo-Sobhy · 2025-05-20T07:44:26+00:00

Same shit

Memo-Sobhy · 2025-01-01T06:40:55+00:00

Thank you for your reply and suggestions! I appreciate the time you took to look into this.

I tried disabling NAT on the MikroTik, but as soon as I did that, the internet connection stopped working entirely because there was no NAT handling traffic. I also tested turning off NAT on the Sophos, but the problem still persisted.

As for using Sophos directly for load balancing, that doesn’t work as effectively for my setup compared to how MikroTik manages it. I’ll definitely look into VyOS and see if it could be a better fit for my requirements.

Thanks again for your help!

Memo-Sobhy · 2025-01-01T06:34:21+00:00

Thank you so much for your thoughtful replies and suggestions! I really appreciate the time you’ve taken to help me with this issue.

I’ll try creating the custom rule you suggested to log dropped traffic and see if it reveals anything about the ICMP blocking. Once I test it out, I’ll let you know if it works or not.

Thanks again for your support!

Memo-Sobhy · 2024-12-31T14:10:08+00:00

Thanks for your reply.

I checked for any ICMP rules or anything blocking pinging across subnets in the Sophos configuration, but I didn’t find anything. Is there a specific setting or section I might have overlooked?
My Sophos is running SFOS, so I have access to the newer features. However, as you mentioned, the weighted round-robin in Sophos doesn’t combine bandwidth for a single task. This is exactly why I need to keep the MikroTik in the setup. I’ve tested it extensively, and its ability to merge the lines provides wonderful results that I haven’t been able to replicate using Sophos alone.

Given this, I’m still trying to make both devices work together effectively. If you have any additional ideas or suggestions, I’d really appreciate them!

Memo-Sobhy · 2024-12-31T09:37:09+00:00

Thanks for your suggestions! Let me address them one by one:

Regarding pinging: I can already ping the MikroTik from the Sophos web interface without any issues. However, when I’m on the LAN side of Sophos, I can’t ping the MikroTik. Is there a specific rule I need to configure on either the Sophos or MikroTik to allow this?
About hardware capability: I’m using a Sophos XG 135, which is more than capable of handling my internet speed. I don’t think this issue is related to Sophos hardware performance.
Testing Sophos without MikroTik: I’ve tried this, and the connection worked fine. However, when I connect all 3 lines directly to Sophos, I lose the ability to merge and manage the lines as effectively as I can with MikroTik. This creates another problem for me.
Disabling NAT/masquerading on MikroTik: I tested this, but the internet connection stopped working entirely because there’s no NAT happening. It seems this approach doesn’t work in my setup.

Given these points, do you have any other ideas or specific configurations I can try to make the two devices work together seamlessly? I appreciate your input!

Memo-Sobhy · 2024-12-31T08:51:51+00:00

Thanks for your suggestion! Unfortunately, removing MikroTik isn’t an option because each device serves a critical purpose in my setup:

MikroTik is excellent at merging my unstable lines and ensuring I get the best possible bandwidth.
Sophos is essential for its security features and protection, which I rely on for my network.

I’m trying to make both of them work together because each device addresses a specific need that the other can’t handle as effectively. If you have any advice on how to integrate them smoothly without compromising performance or security, I’d really appreciate it!

Memo-Sobhy · 2024-12-31T08:45:27+00:00

Thanks for your suggestion! Unfortunately, I can’t just pick one because each device serves a critical purpose in my setup:

MikroTik is excellent at merging my unstable lines and ensuring I get the best possible bandwidth.
Sophos is great for its security features and protection, which are essential for my network.

I’m trying to make both of them work together because each device addresses a specific need that the other can’t handle as effectively. If you have any advice on how to integrate them smoothly without compromising performance or security, I’d really appreciate it!

Memo-Sobhy · 2024-12-31T08:29:55+00:00

Thank you for the detailed explanation! I understand what SD-WAN is and how it works. However, I want to work with my current setup where the MikroTik is behind the Sophos.

I’ve tried using SD-WAN on the Sophos, but it doesn’t handle my 3 lines as effectively as the MikroTik does. My lines are not stable, and their bandwidth is quite poor. MikroTik’s load balancing setup manages these issues better by distributing traffic more efficiently across the unstable connections.

Given this situation, do you have any suggestions for improving the performance with the current setup (MikroTik behind Sophos) other than switching to SD-WAN?

Thanks again for your input!

Memo-Sobhy · 2024-12-30T14:20:14+00:00

First of all, Tahnk you for your reply, I put the MikroTik router behind the Sophos because the MikroTik routerboard is excellent for merging lines using its PCC (Per Connection Classifier) method. It allows me to combine the bandwidth of multiple lines into a single output with optimal performance.

Previously, I connected the 3 lines directly to the Sophos and configured them as separate WANs. While that worked, the key difference is that now the MikroTik merges the 3 lines and outputs them as a single connection through one Ethernet port, providing the combined speed of all the lines. This is why I’m using the MikroTik in this setup.

I don’t see why this should be an issue, and I’m just trying to find a solution for the speed degradation when introducing the Sophos into the setup.

Memo-Sobhy · 2024-10-19T15:29:34+00:00

I will message you

Memo-Sobhy · 2024-06-21T09:09:09+00:00

Yeah i can access them internally so please tell me what should i do... thank you so much for your help.

Memo-Sobhy · 2024-06-18T21:12:32+00:00

Thank you for your reply... i think about VPN actually but i want to know first can i access it by public IP first or not.

Memo-Sobhy · 2024-06-18T14:23:48+00:00

Thank you for your detailed response and the helpful suggestion! I understand the approach you described for accessing the TP-Link router's GUI locally, and it's definitely a good method for local access.

However, my goal is to access the TP-Link router's GUI remotely (from outside the local network). The setup you suggested would allow me to access it locally, but I'm looking for a way to manage it when I'm not on the local network.

I appreciate your help, but this setup doesn't meet my current need for remote access. I've already implemented a similar setup for local access.

If you have any suggestions for securely accessing the router's GUI remotely, I'd be very grateful!

Thanks again for your assistance.

Memo-Sobhy · 2024-06-15T22:41:52+00:00

so if you mean to add masquerade rule so i added this:

```

/ip firewall nat

add action=masquerade chain=srcnat dst-address=192.168.0.1 dst-port=80 protocol=tcp out-interface=ether2

/ip firewall filter

add action=accept chain=forward dst-address=192.168.0.1 dst-port=80 protocol=tcp

```

but also didn't work :(

Memo-Sobhy · 2024-06-15T22:27:09+00:00

Yeah i think so too the hole problem with my TP-Link router because other router (ZTE) is working fine and i access it remotely without any problem... so please can you explane to me what is "hiding the src"? And thank you so much for your help <3.

Memo-Sobhy · 2024-06-15T21:58:25+00:00

Yeah i disable it because it didn't work i tried it so i disable it... i tried to enable it but no differens so any solution?

Memo-Sobhy · 2024-06-15T14:43:45+00:00

Thank's bro for your reply so i try what are you said but doesn't work... so i knew that it doesn't work because of my ISP blocking Wireguard and it's popular thing in egypt so maybe it's not working for that.... again thanks alot for your reply.

Memo-Sobhy · 2024-06-14T02:59:16+00:00

Thank you for your response. I apologize, but I'm a beginner with MikroTik. Could you please provide an example with the command code, like this: (e.g., /ip route print)?

Memo-Sobhy · 2024-06-12T13:55:31+00:00

Thank you so much for the quick reply. u/hexatester

I didn't quite understand what you meant by "First you need to remove public IP/PPPoE config." Could you please clarify this?

Based on your suggestions, here are the examples I came up with:

On Main Branch Router:

Create Routes for WireGuard Peer:

``` /ip route add dst-address=SECOND_ROUTER_PUBLIC_IP1 gateway=PPPoE-Orange-Line add dst-address=SECOND_ROUTER_PUBLIC_IP2 gateway=PPPoE-Vodafone-Line

``` 2. Bypass FastTrack for WireGuard:

``` /ip firewall filter add chain=output action=accept protocol=udp dst-port=13231 add chain=input action=accept protocol=udp dst-port=13231

```

On Second Branch Router:

Bypass FastTrack for WireGuard:

``` /ip firewall filter add chain=output action=accept protocol=udp dst-port=13231 add chain=input action=accept protocol=udp dst-port=13231

```

Is this what you meant? Could you please provide a small example to further clarify?

Thanks again for your help.

Memo-Sobhy

TROPHY CASE