I m trying to set up a new hex router. On Ethernet1 i set up my wan port with fix ip from my provider. On Ethernet 2 i want to set up an admin vlan , and on ethernet 3 a guest vlan. A simple setup. My problem is that i don t get a local ip on the mentioned vlan ports. Even if i assign a fixed ip from the correct subnet, i can t connect to the router with winbox. The interface it appears as it doesn t has an ip. I can only connect using the mac address of the device with the winbox.
Code: Select all
# jan/02/1970 01:52:29 by RouterOS 6.49.10
# software id = AJSM-L12M
#
# model = RB750Gr3
# serial number = HFE09AJGCJF
/interface vlan
add interface=ether2 name=vlan1 vlan-id=1
add interface=ether3 name=vlan4 vlan-id=4
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip pool
add name=P-VL1-Admin ranges=172.29.1.30-172.29.1.240
add name=P-VL4-Guest ranges=172.29.4.30-172.29.4.240
/ip dhcp-server
add address-pool=P-VL1-Admin authoritative=after-2sec-delay disabled=no \
interface=vlan1 lease-time=1h name=dhcp1
add address-pool=P-VL4-Guest disabled=no interface=vlan4 lease-time=30m name=\
dhc4
/ip address
add address=145.xxx.xxx.xxx interface=ether1 network=255.255.255.252
add address=172.29.1.1/24 interface=vlan1 network=172.29.1.0
add address=172.29.4.1/24 interface=vlan4 network=172.29.4.0
/ip dhcp-client
add comment=defconf disabled=no
/ip dhcp-server network
add address=172.29.1.0/24 dns-server=31.46.19.238,84.1.102.178 gateway=\
172.29.1.1 netmask=24
add address=172.29.4.0/24 dns-server=31.46.19.238,84.1.102.178 gateway=\
172.29.4.1 netmask=24
/ip firewall address-list
add address=145.xxx.xxx.xxx list=WAN-IP
add address=172.29.1.0/24 list=local-admin-network
add address=172.29.4.0/24 list=local-networks
add address=172.29.4.0/24 list=local-guest-network
add address=172.29.1.0/24 list=local-networks
/ip firewall filter
add action=drop chain=input comment="drop invalid" connection-state=invalid
add action=accept chain=input comment="allow established,related" \
connection-state=established,related
add action=accept chain=input comment="allow ping" icmp-options=8:0-255 \
ipv4-options=strict-source-routing limit=5,5:packet protocol=icmp
add action=accept chain=input comment=Dhcp dst-port=67-68 protocol=udp \
src-address-list=local-networks
add action=accept chain=input comment="management accept - MAC winbox GUI" \
dst-port=20561 protocol=udp src-address-list=local-networks
add action=accept chain=input comment="management accept - winbox GUI" \
dst-port=8291 log=yes protocol=tcp src-address-list=local-networks
add action=accept chain=input dst-port=53 protocol=tcp src-address-list=\
local-networks
add action=drop chain=input comment="DEFAULT INPUT DROP" log-prefix=\
"default drop" src-address-list=local-networks
add action=accept chain=forward comment="forward rel-established" \
connection-state=established,related
add action=accept chain=forward comment="forward networks to wap ip" \
dst-address-list=WAN-IP src-address-list=local-networks
add action=accept chain=forward comment="Allow dns req" dst-port=53 protocol=\
tcp src-address-list=local-networks
add action=accept chain=forward dst-port=53 protocol=udp src-address-list=\
local-networks
add action=accept chain=forward comment="Allow Dhcp req/repl" dst-port=67-68 \
protocol=udp src-address-list=local-networks
add action=drop chain=forward comment="DEFAULT FORWARD DROP" log-prefix=\
"default drop"
add action=accept chain=output
/ip firewall nat
add action=src-nat chain=srcnat out-interface=ether1 src-address=172.29.1.0/24 \
to-addresses=145.xxx.xxx.xxx
add action=src-nat chain=srcnat out-interface=ether1 src-address=172.29.4.0/24 \
to-addresses=145.xxx.xxx.xxx
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system logging
add topics=dhcp,debug
https://imgur.com/8Xkyl78
Any insight would be appreciated.