im on rb951-2n under load balancing pppoe client and wlan and i have the problem i will describe......
after finishing the hotspot setup, suddenly i disconnected from winbox and after that, nothing happens, no internet cannot access MT via winbox, absolutely nothing works.
Can someone help me plz and what u need of my configuration?
thnx in advance
i edit to post my entire configuration
Code: Select all
/interface ethernet
set [ find default-name=ether3 ] master-port=ether2
set [ find default-name=ether4 ] master-port=ether2
set [ find default-name=ether5 ] master-port=ether2
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 max-mru=1500 max-mtu=\
1500 mrru=1620 name=pppoe-out1 password=guest use-peer-dns=yes user=\
guest@hol.gr
/ip neighbor discovery
set ether1 discover=no
/interface wireless security-profiles
add authentication-types=wpa-psk,wpa2-psk eap-methods="" group-ciphers=\
tkip,aes-ccm management-protection=allowed mode=dynamic-keys name=USER \
supplicant-identity="" unicast-ciphers=tkip,aes-ccm wpa-pre-shared-key=\
!mixalis1998@ wpa2-pre-shared-key="THEPASS"
/interface wireless
set [ find default-name=wlan1 ] amsdu-limit=4096 amsdu-threshold=4096 \
antenna-gain=12 band=2ghz-b/g/n channel-width=20/40mhz-Ce country=\
"united states" disabled=no distance=indoors frequency=2417 hw-retries=6 \
security-profile=Mixalis ssid=Mixalis tx-power=29 tx-power-mode=\
all-rates-fixed wireless-protocol=802.11 wps-mode=disabled
/interface wireless nstreme
set wlan1 enable-nstreme=yes
/ip pool
add name=dhcp_pool1 ranges=1.1.1.100-1.1.1.150
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=ether2 lease-time=1d name=\
dhcp1
/queue simple
add max-limit=20M/1M name=pppoe-out1 queue=\
pcq-download-default/pcq-upload-default target=pppoe-out1
add burst-limit=16M/850k burst-threshold=10500k/562k burst-time=8s/8s \
limit-at=7M/375k max-limit=14M/750k name=QoS_1 packet-marks=QoS_1 parent=\
pppoe-out1 priority=1/1 queue=pcq-download-default/pcq-upload-default \
target=pppoe-out1
add burst-limit=16M/850k burst-threshold=10500k/562k burst-time=8s/8s \
limit-at=7M/375k max-limit=14M/750k name=QoS_2 packet-marks=QoS_2 parent=\
pppoe-out1 priority=2/2 queue=pcq-download-default/pcq-upload-default \
target=pppoe-out1
add burst-limit=16M/850k burst-threshold=10500k/562k burst-time=8s/8s \
limit-at=7M/375k max-limit=14M/750k name=QoS_7 packet-marks=QoS_7 parent=\
pppoe-out1 priority=7/7 queue=pcq-download-default/pcq-upload-default \
target=pppoe-out1
add burst-limit=16M/850k burst-threshold=10500k/562k burst-time=8s/8s \
limit-at=7M/375k max-limit=14M/750k name=QoS_8 packet-marks=QoS_8 parent=\
pppoe-out1 queue=pcq-download-default/pcq-upload-default target=\
pppoe-out1
/tool user-manager customer
set admin access=\
own-routers,own-users,own-profiles,own-limits,config-payment-gw
/interface bridge port
add comment=defconf interface=ether2
add auto-isolate=yes
/ip address
add address=192.168.1.1/24 comment=defconf interface=ether2 network=\
192.168.1.0
add address=192.168.0.2/24 interface=ether1 network=192.168.0.0
add address=192.168.2.2/24 interface=wlan1 network=192.168.2.0
add address=1.1.1.1/24 interface=ether2 network=1.1.1.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid interface=ether1
/ip dhcp-server network
add address=1.1.1.0/24 gateway=1.1.1.1
/ip dns
set allow-remote-requests=yes cache-max-ttl=1d servers=62.38.1.81,62.38.0.81
/ip dns static
add address=192.168.1.1 name=router
/ip firewall filter
add action=fasttrack-connection chain=forward comment="Enable FastTrack" \
connection-state=established,related
add chain=forward comment="Accept forward established,related" \
connection-state=established,related
add chain=input comment="Accept Input Established Related " connection-state=\
established,related
add chain=input comment="Allow ICMP" protocol=icmp
add chain=forward comment="Accept Hamachi" dst-address=192.168.1.0/24 port=\
60132 protocol=tcp
add chain=forward dst-address=192.168.1.0/24 port=60132 protocol=udp
add chain=forward dst-address=1.1.1.0/24 port=60132 protocol=tcp
add chain=forward dst-address=1.1.1.0/24 port=60132 protocol=udp
add chain=forward port=12975 protocol=tcp
add chain=forward port=32976 protocol=tcp
add chain=forward port=17771 protocol=udp
add chain=forward port=443 protocol=tcp
add chain=forward comment="Accept Torrent" dst-address=192.168.1.2 port=61132 \
protocol=udp
add chain=forward dst-address=192.168.1.2 port=61132 protocol=tcp
add action=jump chain=forward comment="Make jumps to new chains" jump-target=\
tcp protocol=tcp
add action=jump chain=forward jump-target=udp protocol=udp
add action=jump chain=forward jump-target=icmp protocol=icmp
add chain=icmp comment="echo reply" icmp-options=0:0 protocol=icmp
add chain=icmp comment="net unreachable" icmp-options=3:0 protocol=icmp
add chain=icmp comment="host unreachable" icmp-options=3:1 protocol=icmp
add chain=icmp comment="host unreachable fragmentation required" \
icmp-options=3:4 protocol=icmp
add chain=icmp comment="allow source quench" icmp-options=4:0 protocol=icmp
add chain=icmp comment="allow echo request" icmp-options=8:0 protocol=icmp
add chain=icmp comment="allow time exceed" icmp-options=11:0 protocol=icmp
add chain=icmp comment="\"allow parameter bad\"" icmp-options=12:0 protocol=\
icmp
add action=drop chain=icmp comment="deny all other types"
add action=drop chain=forward comment="Block \"bogon\" IP addresses" \
src-address=0.0.0.0/8
add action=drop chain=forward dst-address=0.0.0.0/8
add action=drop chain=forward src-address=127.0.0.0/8
add action=drop chain=forward dst-address=127.0.0.0/8
add action=drop chain=forward src-address=224.0.0.0/3
add action=drop chain=forward dst-address=224.0.0.0/3
add action=drop chain=tcp comment="deny TFTP" dst-port=69 protocol=tcp
add action=drop chain=tcp comment="deny RPC portmapper" dst-port=111 \
protocol=tcp
add action=drop chain=tcp comment="deny RPC portmapper" dst-port=135 \
protocol=tcp
add action=drop chain=tcp comment="deny NBT" dst-port=137-139 protocol=tcp
add action=drop chain=tcp comment="deny cifs" dst-port=445 protocol=tcp
add action=drop chain=tcp comment="deny NFS" dst-port=2049 protocol=tcp
add action=drop chain=tcp comment="deny NetBus" dst-port=12345-12346 \
protocol=tcp
add action=drop chain=tcp comment="deny NetBus" dst-port=20034 protocol=tcp
add action=drop chain=tcp comment="deny BackOriffice" dst-port=3133 protocol=\
tcp
add action=drop chain=tcp comment="deny DHCP" dst-port=67-68 protocol=tcp
add action=drop chain=udp comment="deny TFTP" dst-port=69 protocol=udp
add action=drop chain=udp comment="deny PRC portmapper" dst-port=111 \
protocol=udp
add action=drop chain=udp comment="deny PRC portmapper" dst-port=135 \
protocol=udp
add action=drop chain=udp comment="deny NBT" dst-port=137-139 protocol=udp
add action=drop chain=udp comment="deny NFS" dst-port=2049 protocol=udp
add action=drop chain=udp comment="deny BackOriffice" dst-port=3133 protocol=\
udp
add action=drop chain=input comment="Drop everything else" in-interface=\
pppoe-out1
add action=drop chain=input in-interface=wlan1
add action=drop chain=forward in-interface=pppoe-out1
add action=drop chain=forward in-interface=wlan1
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface=ether1
add action=drop chain=forward connection-nat-state=!dstnat connection-state=\
new in-interface=wlan1
/ip firewall mangle
add action=mark-connection chain=input comment=_____Load_Balance \
in-interface=pppoe-out1 new-connection-mark=pppoe-out1_conn
add action=mark-connection chain=input in-interface=wlan1 \
new-connection-mark=wlan1_conn
add action=mark-routing chain=output connection-mark=pppoe-out1_conn \
new-routing-mark=to_pppoe-out1
add action=mark-routing chain=output connection-mark=wlan1_conn \
new-routing-mark=to_wlan1
add chain=prerouting dst-address=192.168.0.0/24 in-interface=ether2
add chain=prerouting dst-address=192.168.2.0/24 in-interface=ether2
add action=mark-connection chain=prerouting dst-address-type=!local \
in-interface=ether2 new-connection-mark=pppoe-out1_conn \
per-connection-classifier=both-addresses-and-ports:2/0
add action=mark-connection chain=prerouting dst-address-type=!local \
in-interface=ether2 new-connection-mark=wlan1_conn \
per-connection-classifier=both-addresses-and-ports:2/1
add action=mark-routing chain=prerouting connection-mark=pppoe-out1_conn \
in-interface=ether2 new-routing-mark=to_pppoe-out1
add action=mark-routing chain=prerouting connection-mark=wlan1_conn \
in-interface=ether2 new-routing-mark=to_wlan1
add action=mark-packet chain=forward comment=QoS_1_ICMP-Echo new-packet-mark=\
QoS_1 out-interface=pppoe-out1 passthrough=no protocol=icmp
add action=mark-packet chain=forward comment=______DNS_NTP dst-port=53,123 \
new-packet-mark=QoS_1 out-interface=pppoe-out1 passthrough=no protocol=\
udp
add action=mark-packet chain=forward comment=______ACK new-packet-mark=QoS_1 \
out-interface=pppoe-out1 packet-size=0-123 passthrough=no port=!80,443 \
protocol=tcp tcp-flags=ack
add action=mark-connection chain=forward comment=______HTTP-S_Small \
connection-state=new dst-port=80,443 new-connection-mark=QoS_HTTP \
out-interface=pppoe-out1 protocol=tcp
add action=mark-packet chain=forward connection-bytes=0-500000 \
connection-mark=QoS_HTTP new-packet-mark=QoS_1 passthrough=no protocol=\
tcp
add action=mark-connection chain=forward comment=QoS_1_LOL_Client \
connection-state=new new-connection-mark=QoS_1 out-interface=pppoe-out1 \
port=5000-5500 protocol=udp
add action=mark-packet chain=forward connection-mark=QoS_1 new-packet-mark=\
QoS_1 passthrough=no
add action=mark-connection chain=forward comment=QoS_1_Hamachi \
connection-state=new new-connection-mark=QoS_1 out-interface=pppoe-out1 \
port=12975,32976,443 protocol=tcp
add action=mark-connection chain=forward connection-state=new \
new-connection-mark=QoS_1 out-interface=pppoe-out1 port=17771 protocol=\
udp
add action=mark-packet chain=forward connection-mark=QoS_1 new-packet-mark=\
QoS_1 passthrough=no
add action=mark-connection chain=forward comment=\
QoS_2_FTP_SSH_Telnet_SMTP_POP3-S_SNTP_IMAP-S_SMTP-S connection-state=new \
dst-port=20,21,22,23,25,110,143,465,587,993,995 new-connection-mark=QoS_2 \
out-interface=pppoe-out1 protocol=tcp
add action=mark-packet chain=forward connection-mark=QoS_2 new-packet-mark=\
QoS_2 passthrough=no
add action=mark-packet chain=forward comment=QoS_2_HTTP-S_Large \
connection-bytes=500000-0 connection-mark=QoS_HTTP new-packet-mark=QoS_2 \
passthrough=no protocol=tcp
add action=mark-connection chain=forward comment=QoS_8_Torrents_except_VoIP \
connection-state=new new-connection-mark=QoS_8 out-interface=pppoe-out1 \
port=3000,6881-7000,9091,10000-65535 protocol=tcp src-port=!1167
add action=mark-connection chain=forward connection-state=new \
new-connection-mark=QoS_8 out-interface=pppoe-out1 port=\
3000,6881-7000,9091,10000-65535 protocol=udp src-port=!1167
add action=mark-packet chain=forward connection-mark=QoS_8 new-packet-mark=\
QoS_8 passthrough=no
add action=mark-connection chain=forward comment=QoS_7_VoIP_and_all_others \
connection-state=new new-connection-mark=QoS_7 out-interface=pppoe-out1
add action=mark-packet chain=forward connection-mark=QoS_7 new-packet-mark=\
QoS_7 passthrough=no
/ip firewall nat
add action=masquerade chain=srcnat comment="Basic NAT" out-interface=\
pppoe-out1
add action=masquerade chain=srcnat out-interface=wlan1
add action=dst-nat chain=dstnat comment="Allow Hamachi" dst-port=60132 \
in-interface=pppoe-out1 protocol=tcp to-addresses=192.168.1.2 to-ports=\
60132
add action=dst-nat chain=dstnat dst-port=60132 in-interface=wlan1 protocol=\
tcp to-addresses=192.168.1.2 to-ports=60132
add action=dst-nat chain=dstnat dst-port=60132 in-interface=pppoe-out1 \
protocol=udp to-addresses=192.168.1.2 to-ports=60132
add action=dst-nat chain=dstnat dst-port=60132 in-interface=wlan1 protocol=\
udp to-addresses=192.168.1.2 to-ports=60132
add action=dst-nat chain=dstnat comment="Allow Torrent" dst-port=61132 \
in-interface=pppoe-out1 protocol=tcp to-addresses=192.168.1.2 to-ports=\
61132
add action=dst-nat chain=dstnat dst-port=61132 in-interface=wlan1 protocol=\
tcp to-addresses=192.168.1.2 to-ports=61132
add action=dst-nat chain=dstnat dst-port=61132 in-interface=pppoe-out1 \
protocol=udp to-addresses=192.168.1.2 to-ports=61132
add action=dst-nat chain=dstnat dst-port=61132 in-interface=wlan1 protocol=\
udp to-addresses=192.168.1.2 to-ports=61132
add action=masquerade chain=srcnat comment="Access modem" out-interface=\
ether1 to-addresses=192.168.1.10
/ip route
add check-gateway=ping distance=1 gateway=pppoe-out1 routing-mark=\
to_pppoe-out1
add check-gateway=ping distance=1 gateway=192.168.2.1 routing-mark=to_wlan1
add distance=1 gateway=192.168.0.1
add distance=2 gateway=192.168.2.1
/system clock
set time-zone-name=Europe/Athens
/system lcd
set contrast=0 enabled=no port=parallel type=24x4
/system lcd page
set time disabled=yes display-time=5s
set resources disabled=yes display-time=5s
set uptime disabled=yes display-time=5s
set packets disabled=yes display-time=5s
set bits disabled=yes display-time=5s
set version disabled=yes display-time=5s
set identity disabled=yes display-time=5s
set pppoe-out1 disabled=yes display-time=5s
set wlan1 disabled=yes display-time=5s
set ether1 disabled=yes display-time=5s
set ether2 disabled=yes display-time=5s
set ether3 disabled=yes display-time=5s
set ether4 disabled=yes display-time=5s
set ether5 disabled=yes display-time=5s
/system leds
set 0 interface=wlan1
/system ntp client
set primary-ntp=62.103.129.253 secondary-ntp=194.177.210.54
/system package update
set channel=bugfix
/system routerboard settings
set cpu-frequency=400MHz
/tool mac-server
set [ find default=yes ] disabled=yes
add
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add
/tool sniffer
set filter-interface=*10 streaming-enabled=yes streaming-server=10.10.10.1
/tool user-manager database
set db-path=user-manager
ether1= my pppoe client connected to 192.168.0.1 bridge modem masquerade, added also 192.168.0.2 masquerade to be able to access my modem
ether2= my lan added 2 ip's 192.168.1.1/24 and 1.1.1.1/24, on second dhcp acts
wlan1= has the 192.168.2.2 ip and connects as bridge mode on an external 192.168.2.1 modem and load balances with pppoe client, masquerade also.
My setup has no any bridge interface
I have no problem working with the above configuration, but when im going to setup the hotspot, after finishing, everything disconnects and i cant even access the MT via winbox, also no internet access and i have to reset the MT and restore my configuration to make it work.
I have tried to delete the second lan (1.1.1.1) and the dhcp server but with no luck.
In begin i remember that i was able to setup the hotspot with success, exactly after pppoe setup but i delete it cause i was not sure if i want it and then i setup all the other config i have now, load balance, QoS in simple queue, simple firewall and now i cant setup the hotspot.
Any farther help will be appreciated cause i have stack on this