Have you tried connecting the Plejd-gateway into different Ethernet port?The Plejd-gateway is connected directly to the router with a cable.
No, but I also have a switch and moved it from the switch to the router without any difference.Have you tried connecting the Plejd-gateway into different Ethernet port?The Plejd-gateway is connected directly to the router with a cable.
though it has to be seen if it applies only to installers and you as "final" user will be excluded.Outstanding support
With our knowledgeable support of experienced and trained electricians, you will always get the help you need, when you need it. We develop all our products in-house and have the necessary expertise close at hand to assist with optimal support in all different cases, from simple questions to technical support and advice.
Thank you for the info.The only way to (maybe) find a solution or a workaround is having a look at your configuration.
Follow this:
viewtopic.php?t=203686#p1051720
to retrieve and post the configuration.
Do you know which IP address(es), ports, protocols does this Plejd device use?
Is it this thingy here?
GWY-01 Gateway
https://plejd.com/products/GWY-01
the manual seems particularly void of technical info, there is on installer page:
https://plejd.com/installer
a rather interesting statement:though it has to be seen if it applies only to installers and you as "final" user will be excluded.Outstanding support
With our knowledgeable support of experienced and trained electricians, you will always get the help you need, when you need it. We develop all our products in-house and have the necessary expertise close at hand to assist with optimal support in all different cases, from simple questions to technical support and advice.
From other sources, it seems like it wants to talk with https://cloud.plejd.com/ but without knowing if it uses a particular service or port it will be difficult to find which (if any) firewall rule blocks it.
The thingy has a solid yellow light (meaning it cannot connect) right?
Have you already used the app for troubleshooting as advised there?When GWY-01 has a solid yellow light, it means that it is installed, but that it currently has no connection to Plejd's cloud. See the app for troubleshooting to identify which link in the chain is failing
Yes. Doesn't find anything unfortunately (more than the info that the Gateway can't reach the servers of Plejd).Here it says: https://plejd.com/contact
Have you already used the app for troubleshooting as advised there?When GWY-01 has a solid yellow light, it means that it is installed, but that it currently has no connection to Plejd's cloud. See the app for troubleshooting to identify which link in the chain is failing
# jan/29/2024 11:11:49 by RouterOS 6.49.12
# software id = BHVS-Z3WR
#
# model = RB750Gr3
# serial number = HE108HAFC5B
/interface bridge
add admin-mac=** auto-mac=no comment=defconf name=bridge
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=**
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name=defconf
/interface bridge port
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=ether2
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=** comment=defconf interface=bridge network=\
**
/ip dhcp-client
add comment=defconf disabled=no interface=ether1
/ip dhcp-server network
add address=** comment=defconf gateway=**
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=** comment=defconf name=router.lan
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
"defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
/system clock
set time-zone-name=Europe/Stockholm
/system identity
set name=RouterOS
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
/ip dns set servers=8.8.8.8,8.8.4.4
put [:resolve google.com]
put [:resolve plejd.com]
put [:resolve google.com]
/ip dns set servers=""
[user@router] > put [:resolve cloud.plejd.com ]
52.209.92.67
/ip dhcp-server network
add address=** comment=defconf gateway=**
/ip/dns
set servers=8.8.8.8
I do see an IP here. So this shouldn't be the problem?You should see IP address on the terminal:
Code: Select all[user@router] > put [:resolve cloud.plejd.com ] 52.209.92.67
I do see an IP here. So this shouldn't be the problem?
/ip firewall nat print dynamic
Since we are guessing here let me add my guess. Plejd gateway may want to open some ports in the firewall but fails because UPnP service is disabled by default.
@Favazza, can you try to enable UPnP in IP / UPnP and then hit Interfaces button and add 2 entries:
- ether1 -> external
Then run in the terminal the following command to check for dynamic entries in the NAT table:
- bridge -> internal
Please also make sure the gateway obtained an IP address from the router by looking at IP / DHCP Server / Leases.Code: Select all/ip firewall nat print dynamic
Flags: X - disabled , I - invalid, D - dynamic
I'm a noob when it comes to these kind of sentences SorryPlease also make sure the gateway obtained an IP address from the router by looking at IP / DHCP Server / Leases.
That's wrong. There has to be bridge, not ether2. Even though your device is connected to ether2, it is not an independent port, but a part of the bridge (bridge port) and your device gets IP configuration from the bridge. In other words interfaces ether2-ether5 are logically grouped together and share the same config.I've made the first steps however chose ether2 as that's where it's located.
eth1 -> WAN
eth2 \
eth3 -> bridge -> LAN
eth4 /
eth5
Since you are already familiar with the Terminal, please run the command below. It will print IP addresses, host names, MAC addresses of all devices in your home network. There your should also see the IP of your Plejd-gateway. Before posting the output remove MAC addresses.I'm a noob when it comes to these kind of sentences SorryPlease also make sure the gateway obtained an IP address from the router by looking at IP / DHCP Server / Leases.
/ip dhcp-server lease print
Taken from the MikroTik-wikiIn order for the DHCP server to work, IP pools must also be configured (do not include the DHCP server's own IP address into the pool range) and the DHCP networks.
Yes, I see the IP of the gateway.
What's next?
/ip firewall nat add chain=dstnat action=dst-nat comment=Plejd in-interface-list=WAN to-addresses=192.168.88.xxx
/ip firewall nat remove [find comment=Plejd]
DHCP server is already enabled for your LAN network.Edit: Read somewhere that DHCP needs to be activated. Might that be something?
ws-ie.api.plejd.cloud (443)
auth.api.plejd.cloud (443)
logs.api.plejd.cloud (514)
gwyos.plejd.io (443)
api.fy.plejd.cloud (443)
gwy-01.fw.plejd.cloud (80, 443, 8080)
remote.api.plejd.cloud (80)
ntp.plejd.cloud (123)
Yes, there should be no any confirmation. You may ensure the rule was added by executing the command below or checking in WinBox in IP / Firewall / NAT:When entering the info and hitting Enter, nothing happens. No confirmation from the Terminal - that is correct?
/ip firewall nat print where comment=Plejd
Have to check that!! Thanx for the tip!Or doesn't your ISP modem provide DHCP to it's clients ?
Plejd-gateway may have the NTP server hard-coded as "ntp.plejd.cloud" in its settings. To test whether your devices are able to synchronize time via Plejd's NTP server try the following on your Mikrotik: open menu System -> NTP Client, enter the server name, set Enabled and hit Apply. If all went well, you should see status "synchronized". If the status remains "waiting", communication over port 123/udp may be blocked by your ISP. Although this is unlikely since you claimed the gateway was working with the previous router. Once you finish testing this, please disable the NTP Client.Does the clock setting say anything?
I guess it's the typical setup for home users where you get just 1 IP from the ISP and thus you may connect only one network device to the ISP modem. That could be your new router, old router, Plejd-gateway or laptop. Please try to connect Plejd-gateway directly to the ISP modem and disconnect the router. Disconnect your cell phone from Wi-Fi, launch the Plejd app and check if the Plejd-gateway has got online.My ISP says router first so I guess it's right (connected it exactly like it was connected with the old router).
Does this say anything at all?ws-ie.api.plejd.cloud (443)
auth.api.plejd.cloud (443)
logs.api.plejd.cloud (514)
gwyos.plejd.io (443)
api.fy.plejd.cloud (443)
gwy-01.fw.plejd.cloud (80, 443, 8080)
remote.api.plejd.cloud (80)
ntp.plejd.cloud (123)
Aha, this means that NTP is most likely blocked by your ISP!Mine doesn't look like this either, but one thing that is missing is "Last updated from" and "Last update + adjustment". They are empty on mine.
Active server is the last one with some digits in it.
This is the list of hosts that your Plejd gateway communicate with, and the last one seems to be causing problems.Plejd said this about the ports:Does this say anything at all?ws-ie.api.plejd.cloud (443)
auth.api.plejd.cloud (443)
logs.api.plejd.cloud (514)
gwyos.plejd.io (443)
api.fy.plejd.cloud (443)
gwy-01.fw.plejd.cloud (80, 443, 8080)
remote.api.plejd.cloud (80)
ntp.plejd.cloud (123)
/ip firewall nat add chain=srcnat action=masquerade comment=NTP protocol=udp src-port=123 out-interface-list=WAN to-ports=10123 place-before=[find comment="defconf: masquerade"]
What do you mean here? Is there something I can do?With a little dns investigation.
I find that it is not Plejd that you are contacting, but our Swedish ntp service that you are connecting to.
ntp.plejd.cloud points to alias ntp.se and this points backwards to ntp.netnod.se
But why not check if your client can contact this server.
system/ntp/client/print
enabled: yes
mode: unicast
servers: pool.ntp.br
vrf: main
freq-drift: 0 PPM
status: waiting
But is it blocked? Same ISP as with the old router?!The router was able to resolve ntp.plejd.cloud and @Favazza was able to see it's IP address in the Active Server field of the SNTP Client.
I would rather advise to contact the ISP and ask them whether they block NTP protocol.
If the gateway still works with the old router or via direct connection to the ISP modem, then the problem is most likely with your MikroTik router.But is it blocked? Same ISP as with the old router?!
Yes, exactly. Something is blocking/disturbing with the MikroTik router.If the gateway still works with the old router or via direct connection to the ISP modem, then the problem is most likely with your MikroTik router.But is it blocked? Same ISP as with the old router?!
Can you please ensure the router has the latest firmware installed? In the menu System / RouterBOARD compare current firmware with the upgrade firmware version. If they are different, hit the Upgrade button and then select menu System / Reboot.
And then I would recommend to reset the configuration to defaults, since your config does not seem to have any special settings and it should be safe to do so.
If you are willing to try, navigate to menu System / Reset Configuration and set the checkboxes as shown on the screenshot. This will keep current user and password and set to defaults everything else.
2024-02-04 Reset Configuration.png
You will lose the changes:Will something else get lost in the configuration reset? Just afraid I have to fix alot again to make things work around the house
/export file=hex.rsc
Same issue with Plejd and MikroTik?I'm having the same problem.
7.13.3 (stable)
NTP client on "waiting" status forever. It does not matter if you restart the router, enable/disable NTP Client checkbox or change for any NTP Server internal/external.
The ISP is not blocking port 123 either.
It looks like there´s a bug for those who installed NTP Package while on version 6.x.x and upgraded to 7.x.x.
Does any one came up with a temporary solution?Code: Select allsystem/ntp/client/print enabled: yes mode: unicast servers: pool.ntp.br vrf: main freq-drift: 0 PPM status: waiting
Already suggested:Could you please re-check if possible how the gateway works with the old router? Also try connecting the gateway directly to your ISP's modem and see if that works.
True, I just reiterated everything that was suggested as there are quite a lot of posts already.
Already suggested:
- connect it to a port and put that in DMZ (direct connection to WAN)
- use a switch between ISP modem and Hex and connect gateway to switch
- direct connect gateway to ISP modem.
3 times zero response.
I wasn't supposed to disrespect your suggestions.Already suggested:Could you please re-check if possible how the gateway works with the old router? Also try connecting the gateway directly to your ISP's modem and see if that works.
- connect it to a port and put that in DMZ (direct connection to WAN)
- use a switch between ISP modem and Hex and connect gateway to switch
- direct connect gateway to ISP modem.
3 times zero response.
This gives the same a different result than ntp.plejd.cloud. Now I got "Last updated from..." etc.Can you set another server in the SNTP client, e.g. se.pool.ntp.org? Does this work?
What about the "Last Update" and "Last Adjustment" fields? Were those populated too for se.pool.ntp.org?This gives the same a different result than ntp.plejd.cloud. Now I got "Last updated from..." etc.Can you set another server in the SNTP client, e.g. se.pool.ntp.org? Does this work?
But I got back to trying ntp.plejd.cloud and now I get response to that as well.
Good, do not forget to update the firmware as well (System / RouterBOARD / Upgrade and then System / Restart).
By the way, updated to 6.49.13 today.