I’m a student at Aalborg University, currently working on configuring a Mikrotik GrooveA 52 ac antenna for a mobile rover. The goal is to connect the antenna to the university’s WiFi, and then share that connection both via the Ethernet port (to an onboard switch) and through a WiFi hotspot, so we can remotely connect to the rover.
I’ve set up the antenna using Winbox, where:
wlan1 is connected to the local router (via DHCP client).
wlan2 is configured as an access point.
These two interfaces are bridged, with the DHCP client configured on the bridge.
This setup allows me to connect to the antenna’s WiFi, but I’m unable to ping external sites like google.com. The connection only works if I remove the bridge and configure the DHCP client on wlan1, but when I do this, the WiFi access point on the antenna stops working.
I’m fairly new to networking and would really appreciate any help to get this configuration working correctly. I’ve attached my Winbox configuration below for reference:
[admin@MikroTik] > /export hide-sensitive
# apr/07/2025 12:41:08 by RouterOS 6.49.18
# software id = M5KY-KUV5
#
# model = RBGrooveGA-52HPacn
# serial number = H
/interface bridge
add admin-mac=F4:1E:57:1B:5F:0E auto-mac=no comment=defconf disabled=yes name=bridge
add name=bridge1
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk mode=dynamic-keys name=upstream_wifi supplicant-identity=""
add authentication-types=wpa2-psk mode=dynamic-keys name=Leoantenna1 supplicant-identity=""
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n disabled=no frequency=2422 installation=outdoor mode=\
station-wds security-profile=upstream_wifi ssid=F-klubben
add disabled=no keepalive-frames=disabled mac-address=F6:1E:57:1B:5F:0F master-interface=wlan1 \
multicast-buffering=disabled name=wlan2 security-profile=Leoantenna1 ssid=LeoAntenna1 wds-cost-range=0 \
wds-default-cost=0 wps-mode=disabled
/ip pool
add name=dhcp_pool0 ranges=172.17.192.2-172.17.255.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=bridge1 name=dhcp1
/interface bridge port
add bridge=bridge comment=defconf disabled=yes interface=ether1
add bridge=bridge1 interface=wlan2
add bridge=bridge1 interface=wlan1
/ip dhcp-client
add disabled=no interface=bridge1
/ip dhcp-server network
add address=172.17.192.0/18 gateway=172.17.192.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,1.1.1.1
/ip firewall nat
# in/out-interface matcher not possible when interface (wlan1) is slave - use master instead (bridge1)
add action=masquerade chain=srcnat out-interface=wlan1
/system clock
set time-zone-name=Europe/Copenhagen
What could the RoS be trying to tell you? (the line in red prepended by a # sign is a warning/error message)
/ip firewall nat
# in/out-interface matcher not possible when interface (wlan1) is slave - use master instead (bridge1)
add action=masquerade chain=srcnat out-interface=wlan1
But the setup is “wrong” anyway, if you have a DHCP client on the bridge, then you cannot have also a DHCP server on it, as it will conflict with the “main” dhcp server.
So, try removing the DHCP server from the bridge.
Then, your groove will become a sort of switch, not a router, clients connecting to it will receive the DHCP by the main router, and you can remove the NAT.
Can you connect to the LeoAntenna1 SSID?
Do you get on the device connected an IP (from the main router DHCP)?
Do you get on the device connected (still from the main router DHCP) a gateway?
Try disabling/removing the NAT rule, the device should be a switch.
i can only see the “LeoAntenna1” but apparently when I try to connect to it, it apparently just loops in “connecting” and never actually connects. Tried to disable the NAT rule, and there is no difference, the issue persists.
So it could become (more similar to what you had initially):
wlan1 as station with DHCP client (and conceptually WAN)
wlan2 as ap in bridge with ether1 and with DHCP server on the bridge (and conceptually LAN)
NAT rule with out-interface wlan1
But I now see that you are using station-wds mode, so is the “main” gateway router also a Mikrotik?
Okay after some bruteforce, it seems to work with the wlan1 on the “station pseudobridge” mode, so right now I can access the university internet through the antenna, although I only seem to be able to achieve 30Mbits/sec.
30 mbit/s sound like very slow, since you are using the same radio twice the speed will be halved, but the device should be capable of 433 Mbit/s so I would have expected something nearer to 1/4 of that, around 100 or so, but maybe there are other factors slowing down the data transfer.
How will a single- stream device achieve these speeds? The maximum spec is 150. But that’s if the bandwidth is 40, since there is no such bandwidth in 2.4 public wifi, the maximum data rate will be 72 mbps. Since in addition the repeater mode is used on the same frequency, the speed of 30 mbps is very good.
