I have almost finished configuring our RB2011UiAS for 2 WAN PCC load balancing and NAT hair-pinning. The last thing I have done is enable the DHCP server and disable the DHCP server on the previous router we were using. All of the devices on our LAN have been able to connect except one, a Macbook Pro running 10.9.5. This machine gets an IP from the server, but it can’t connect to the internet. The logs in the RB2011 show the following:
17:52:59 dhcp,info DHCP assigned 10.0.2.82 to 90:FD:61:EC:D5:BE
17:55:28 dhcp,info DHCP deassigned 10.0.2.82 from 90:FD:61:EC:D5:BE
The first line is when I connected, and the last line I think is when I disconnected. However during the time I was connected I did not have an internet connection and I could not ping the RB2011 from a terminal.
I see some people have had similar issues here: http://forum.mikrotik.com/t/apple-devices-wont-connect/87675/1
I tried changing the Authoritative setting to “yes” but this did not change anything. The access point is an Airport Extreme Base station, and as far as I can tell TKIP is not enabled.
What could the problem be here? How can I get this Macbook Pro online?
So I have changed the Macbook Pro to have a static IP that connects to the old router on the same subnet. This works fine, but when I change it back to DHCP it gets an IP from the RB2011 but there is no connection to the internet.
I could really do with getting this device online - does anyone have any ideas what it could be?
I just tried to connect via ethernet cable to our switch and the Macbook Pro has the same problem, so it’s nothing to do with our Access Point.
I then just tried logging in to the router and removing the DHCP lease assigned to the computer. The computer now has an internet connection! However, it still has the same IP address as before (10.0.2.82) but this is not reported in the DHCP lease table, so I am cautious as to whether this is actually fixed or not.
The issue has returned unfortunately. The same Macbook Pro which couldn’t connect before had been working fine until this morning. Once again I removed the DHCP lease via the Webfig interface and it was back online, again with the same IP address. I really need to fix this, as I am not always around to remove the DHCP lease, and obviously I shouldn’t have to.
Can you ping gateway ( Mikrotik’s LAN interface) from that MacBook while internet is not working?
Is " Add arp for leases" enabled?
Whats your lease time? According to log, address was used for 2min 29s.
I think some Apple products may have some option for “DHCP security” or whatever.
I switched a DHCP/NAT network to a MikroTik router today and I have seen the same thing: there is one computer
that refuses to accept the lease from the MikroTIk, which has the same IP as the previous router.
I think the computer stores identity information about the DHCP server (like its MAC address or unique ID) and
detects that this has changed, and presumably it detects this as an attempt to spoof.
I have no idea if this is really true and if this is an option somewhere. Hundreds of other systems just migrated
without effort (asking for their previous IP address and getting that assigned from the MikroTik), only one is failing.
It looks like it just ignores the offer. I see it making a DHCP request, it gets a DHCP offer, and then nothing.
After 10 seconds the MikroTik removes the entry from the visible leases table, but of course the MAC/IP pair is
remembered and the next time the device tries it, the same IP is offered and ignored. Strange, but could be the above.
I had a similar issue a number of years ago with some mac devices. I found a solution was to copy the mac address and put it in the DHCP client id option under dhcp and the apple device would get an IP instantly. may be worth a try.
Ok that is a bit unpractical here, it is a “guest network” that visitors use to access internet while in te office.
I expect that the problem will go away by itself when the leasetime that was offered by the previous router has
expired.
It seems there are issues with other computers on the network too. Lots of them (mostly Mac’s) can’t ping the router’s IP, although they receive an IP address. Also a PC on the network can’t access the internet. This machine has trouble with DNS servers. I am using Google’s servers (8.8.8.8 and 8.8.4.4.)
Perhaps there is something wrong with my config, although it was working for a few days last week without issue. I have posted it below.
Also, some further testing on the original Mac that had trouble:
I do get an IP address, but I cannot ping the Mikrotik router at 10.0.2.200. However, when I click ‘renew DHCP lease’ in Network Preferences on the Mac, the router responds to the ping command still running in the terminal. I get the same IP address, then I can’t ping the router again.
is it possible to setup a computer on your network or another devices as a temporary dhcp server to ensure the router is not at fault. If the temp dhcp server works. Try removing and reconfiguring the dhcp on the router again.
This situation sounds eerily similar to some behaviors we saw back when iPhones first came to be EVERY-FREAKING-WHERE.
I don’t recall the exact symptoms, and there was a hotspot involved… I do remember seeing the error message about lease offered unsuccessfully…
Anyway, Apple devices would have issues getting DHCP where others wouldn’t. I seem to recall that we eventually discovered that the Hotspot needed to allow connections for CRL checks that Apple was doing against our GoDaddy-issued hotspot certificate. To this day, I don’t know why it manifested itself as refusal to obtain a lease… and I don’t know if various updates along the way on both Mikrotik’s side and on Apple’s side just happened to make the DHCP thing go away right around the time we figured out to whitelist GoDaddy’s CRL addresses in the IP Walled Garden…
I have changed the DHCP server to authoritative=yes instead of “after 2 second delay” and the one Apple device
that would not get a lease now works OK.
I don’t know, however, if the changes has made it work or if it has started to work due to expiry of the lease it got
from the previous router.
So you could try this as well and see if there is a difference…
So I tried disabling the DHCP server and setting a manual address on my Macbook, however I was having trouble pinging the router and getting an internet connection. The router itself appears to be fine and I can ping the internet from the router via Winbox.
I tried changing the routers response to ICMP packets as mentioned in this post here:
after which I could then ping the router from my Macbook. But still no internet connection!
I then unplugged the router from the switch and plugged it into a different switch socket (it’s a Netgear JGS524 unmanaged switch) and the Internet connection came back and everything started working fine again!
This lasted 5 minutes, and then my internet connection disappeared and I can’t ping the router any more!!