MrAmos123

I don't think I'll return to the store unless something has been done to prevent problems like this in the future. However, I'll still watch their videos and interact with the community. I can't say I feel like dropping the community/content over this blunder. It was righted in the end. I can't be mad. Regardless of what customs charged us, I don't think is their fault. Their fault is the VAT/TAX initially taken. The product is great - so far. We'll see over time, and we'll see when/if they send out replacement zippers.

Read through this. I don't know what country you're in, but there's references to other countries in here.

Hope you get that letter in 20 days. On the Parcelforce letter it says, "We will hold your parcel for 20 days after the date of this letter, after which your parcel will be returned to sender." so if your letter is stuck in mail, you might receive it close or after the deadline. I don't even know what happens here. Do you get a refund, or do they reach out if you'd like it reshipped, who pays for that reshipping?

Email I received from support reference this question;

I feel you should have received it by now. I was early wave 2 and have already had the customs letter, paid, received backpack, and gotten the tax refund from LTT.

I received mine today and it doesn't have any replacement zippers included. Not sure what the process is for requesting these?

Update. I've received a response from LTTStore's support as of this morning. They refunded $60 to my original payment method.

Sorry for delay, been working with someone that's helping me. Turns out, there was only one major problem, which was with the WAN Lists. *** Each ethernet port can act as an individual port which can be assigned a VLAN tag by itself, the problem with this, is that isn't not groupable. Solution: Bridge. Bridges (a collection of shared ethernet ports) can also be assigned VLAN tags. This way, I can add additional stuff to the router such as an access point, another switch to a different location etc which it will share the same VLAN tags and routability via the switch chip. If I didn't use a bridge and assigned them manually, the router's CPU would have to handle this traffic instead of the switch chip on the router. I could also assign each port its own dedicated VLAN, however, as I mentioned before, this is not scalable. If I had 100 VLANs and only 8 ports, you can see the problem. Bridges abstract away the ethernet ports since it's its own interface. Have a look at this video it may help you understand. Client request -> VLAN -> Bridge -> DHCP Server -> Lease assignment Alternatively, this could be: Client request -> VLAN -> Ethernet Port -> DHCP Server -> Lease assignment Routing table looked correct, however, I was confused (due to lack of experience/knowledge with these devices) due to the abstracted interface lists. There's nothing to lose by resetting, however, the configuration was 99% there, it didn't make sense to wipe it to end up with the same problem due to a lack of understanding. I just needed someone experienced to look at my configuration and go "Aha, there's your problem!" WAN connectivity is present from Router -> WAN. LAN -> WAN was not working as expected. (FW/NAT interface list was incorrect) The two branches are the ISPs. There can be many more VLANs on the LAN side, 3 is just what I have to segregate IoT, Guests, and a dedicated VLAN for the other ISP. Appreciate your reply, I hope this makes sense, feel free to question anything though.

That would be great. This is concerning as now it's coming up to a week and still no reply on my ticket.

Maybe read the post. VAT was applied TWICE. This should never have been the case. They should not have collected VAT/TAX at checkout, yet they did. Entry into the UK also got customs charge (second VAT/TAX). If <removed by staff>, why does LTT Store also include a dedicated post about double-VAT problem?

@heimdali > Why do you have a reference to an unreachable private IP address Ignore, defcon line I forgot to remove. Shouldn't prevent anything from working, except DNS resolution from the router itself. Clients have 1.1.1.1 provided by DHCP. > I'm finding it strange that all the VLAN interfaces are assigned to a bridge interface. A bridge usually connects stuff like a hub does. This isn't scalable with many VLANs, so it's easier to trunk the VLAN data down the switch bridge. I could do it directly to an interface port, but I'd like the ability to easily add additional switches without the need to setup the VLAN information again on a separate port. (Bridging solves this) > What does that do with DHCP broadcasts on this bridge interface? DHCP server is assigned to the VLAN tag on the bridge. > Have you restarted the router? Yes > Perhaps reset and start over with only one WAN interface and only one vlan and get that to work. Preferably like to do this as a last resort. I'm not in any rush to replace this and currently using pfSense, but the configuration is mostly there. Clearly just lacking something from it to allow WAN route-ability.

Hi, I'm having issues where replacing my current router with my new RB5009UPr+S+ and my cfg is yielding strange behaviours. The current router is a home pfSense setup with almost exactly the same configuration as the diagram below. I'm trying to recreate it in RouterOS to replace pfSense. Issues: DHCP only seems to provide to a handful of clients(? I wonder if it's some remembered 'route') it doesn't even seem to provide my Switches and APs IPs. (They're DHCP-enabled) WAN connectivity is intermittent. I can access/ping any WAN address from the Mikrotik itself. DNS is non-existent. I'm trying to configure for Dual WAN, exposing the 'Vodafone' link strictly only on VLAN 103. I was trying to use DHCP to direct the traffic via a NAT rule for this. "Any device on VLAN 103 given from DHCP pool X.X.3.X. Where network X.X.3.X/24 use ETH2-WAN-VF" I've drawn a small diagram explaining how I wish it would work. 102 should be isolated. 101 and 103 can cross-talk. (I didn't yet add this rule in below cfg) I'm certain this is a lack of understanding and misconfiguration on my behalf. So apologies for the silly mistakes. I'd appreciate any help/pointers that may help fix these problems. /interface bridge add admin-mac=18:FD:74:CC:B3:14 auto-mac=no comment="LAN Bridge" name=BRIDGE1-LAN /interface ethernet set [ find default-name=ether1 ] name=ETH1-WAN-VM set [ find default-name=ether2 ] name=ETH2-WAN-VF set [ find default-name=ether3 ] name=ETH3-LAN-TRUNK set [ find default-name=ether4 ] disabled=yes set [ find default-name=ether5 ] disabled=yes set [ find default-name=ether6 ] disabled=yes set [ find default-name=ether7 ] disabled=yes set [ find default-name=ether8 ] disabled=yes set [ find default-name=sfp-sfpplus1 ] disabled=yes /interface vlan add interface=BRIDGE1-LAN name=VLAN-102 vlan-id=101 add interface=BRIDGE1-LAN name=VLAN-102 vlan-id=102 add interface=BRIDGE1-LAN name=VLAN-103 vlan-id=103 /interface pppoe-client add add-default-route=yes disabled=no interface=ETH1-WAN-VF keepalive-timeout=disabled name=PPPoE-WAN-VF user=XXXXXXXX@broadband.vodafone.co.uk /interface list add comment=WAN-VM name=WAN-VM add comment=LAN name=LAN add comment=WAN-VF name=WAN-VF /interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik /ip pool add name=VL101-IoT ranges=10.10.1.100-10.10.1.199 add name=VL102-Guest ranges=10.10.2.100-10.10.2.199 add name=VL103-VF ranges=10.10.3.100-10.10.3.199 /ip dhcp-server add address-pool=VL101-IoT interface=VLAN-101 lease-time=1h name="VL101 - IoT" add address-pool=VL102-Guest interface=VLAN-102 lease-time=1h name="VL102 - Guest" add address-pool=VL103-VF interface=VLAN-103 lease-time=1h name="VL103 - VF" /interface bridge port add bridge=BRIDGE1-LAN comment=defconf interface=ETH3-LAN-TRUNK /ip neighbor discovery-settings set discover-interface-list=LAN /interface list member add comment="LAN Trunk" interface=BRIDGE1-LAN list=LAN add comment="WAN VM" interface=ETH2-WAN-VM list=WAN-VM add comment="WAN VF" interface=ETH1-WAN-VF list=WAN-VF /ip address add address=10.10.1.1/24 comment="VLAN101 - Virgin Media" interface=VLAN-101 network=10.10.1.0 add address=10.10.2.1/24 comment="VLAN102 - Virgin Media Guest" interface=VLAN-102 network=10.10.2.0 add address=10.10.3.1/24 comment="VLAN103 - Vodafone" interface=VLAN-103 network=10.10.3.0 /ip dhcp-client add comment="WAN DHCP" interface=ETH2-WAN-VM /ip dhcp-server network add address=10.10.1.0/24 comment="VL101 - IoT" dns-server=1.1.1.1 gateway=10.10.1.1 add address=10.10.2.0/24 comment="VL102 - Guest" dns-server=1.1.1.1 gateway=10.10.2.1 add address=10.10.3.0/24 comment="VL103 - Vodafone" dns-server=1.1.1.1 gateway=10.10.3.1 /ip dns set allow-remote-requests=yes servers=1.1.1.1 /ip dns static add address=192.168.88.1 comment=defconf name=router.lan /ip firewall filter add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp add action=accept chain=input comment="defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1 add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related hw-offload=yes add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=\ WAN-VM add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=\ WAN-VF /ip firewall nat add action=masquerade chain=srcnat comment="VL101 to WAN" out-interface-list=WAN-VM src-address=10.10.1.0/24 add action=masquerade chain=srcnat comment="VL102 to WAN" out-interface-list=WAN-VM src-address=10.10.2.0/24 add action=masquerade chain=srcnat comment="VL103 to WAN" out-interface-list=WAN-VF src-address=10.10.3.0/24 /ipv6 firewall filter add action=drop chain=forward comment="defconf: drop everything else not coming from LAN" in-interface-list=!LAN /system identity set name=MTK-Router /tool mac-server set allowed-interface-list=LAN /tool mac-server mac-winbox set allowed-interface-list=LAN Appreciate anyone's comments and feedback.

I find it abhorrent we're being charged almost 1/4th of the backpack + tax cost in customs... Unbelievable. Plus the double-VAT... I've paid and replied to my ticket. I'll update on here when I get a response from LTT. If I get a response from LTT. If anyone from LTT reads this, ticket 67242.

I've received my Parcelforce letter demanding I pay £66.89 to release my backpack parcel. What do I do here? LTTStore's support is non-existent or unacceptably slow. They give me 20 days to pay (before returned to sender), but my ticket has been open for 7 of those days without a reply. Looking for the community for answers to an LTTStore problem... Doesn't make sense but it's all I have left. I've paid for shipping/tax on the product, yet I'm being charged customs/import fee. I'm not sure how this makes any sense.

Context: I have 3 SSIDs Private - VLAN101 (Can talk to VLAN100) Guest - VLAN102 (Can't talk to anything except internet) IoT - VLAN103 (Can't talk to anything except internet) And another VLAN for servers (VL100), not an SSID. Issue: So, I've noticed that people in my household (and next door) are supplying visitors with our 'private' password, however, they don't know the password. I type it into their devices. They're getting the password because now on Android phones you can 'share' the SSID's which will print the wireless password in plain text. Question: How can I keep devices separated into the correct network so people cannot share the password for private SSIDs? Ideas: Idea 1: Create a captive portal, one for Guest and one for Private each has their own login. This way I can make the SSID open, but they won't be able to share the private password as it's one-time. The issue with this idea is that Unifi only allows you to create a captive portal with 1 accepted password (Named 'Simple Password' in Captive Portal). I think this is dumb... but yeah. Idea 2: I've tried to create the captive portals through pfSense however I've had a huge issue getting the phones to accept the self-signed cert, my Pixel 2 just does not like it and will refuse it. Idea 3: MAC-Bind the 'allowed' clients to Private, sure, but this requires constant upkeep and management, and I'm not exactly sure how to enforce this in Unifi. Idea 4: Use Vouchers with no expiry for private. 2 issues with this, this isn't very userfriendly for guest access where I just want a simple password and isn't very practical for private since there's no true-unlimited, just set the expiry to like 999d. I didn't particularly like this idea. Closing: So, does anyone have a better solution than my above attempts because I'm lost for ideas now? Thanks and I'd appreciate anyone that's able to help. I can't be the only one that's facing this or a similar issue.