I have an RB2011UIAS that I am this close to having working the way I want. I have a Comcast SMC gateway that I have put into pseudo-bridge mode to get SSTP VPN running. The problem I am having is getting google.com (and apparently any sites that utilize Google Analytics) to resolve - they just time out. Most other sites load up without issue. I only have this issue when connected to the LAN via Ethernet or VPN - if I connect via the router’s WiFi I can reach Google sites just fine.

In searching for a resolution it seems that the problem is DNS or firewall related, I just don’t know enough about networking to determine what setting I have wrong. Any assistance would be greatly appreciated. Thanks.

We will need a lot more info to help. A good start to so post an export of the config.

/ip export

Sure thing. By the way, I am able to ping google.com from the router, but unable from any internal PC - it returns 'Destination host unreachable', so I'm fairly certain that it has to do with something I've mucked up along the way.

jul/30/2016 20:01:37 by RouterOS 6.36

software id = TPTU-EMM2

/ip pool
add name=dhcp ranges=192.168.2.10-192.168.2.254
add name=sstp ranges=192.168.4.10-192.168.4.100
/ip address
add address=192.168.2.1/24 comment=defconf interface=ether2-master network=
192.168.2.0
add address=75.x.x.1/8 interface=ether1 network=75.0.0.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid interface=ether1
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name=defconf
/ip dhcp-server network
add address=192.168.2.0/24 comment=defconf gateway=192.168.2.1
/ip dns
set allow-remote-requests=yes servers=75.75.75.75,75.75.76.76
/ip dns static
add address=192.168.2.1 name=router
/ip firewall filter
add action=accept chain=input dst-port=8291 log-prefix="" protocol=tcp
add action=accept chain=input dst-port=443 in-interface=ether1 log-prefix=""
protocol=tcp
add action=drop chain=input dst-address=75.x.x.1 dst-port=53 log-prefix=""
protocol=tcp
add action=drop chain=input dst-address=75.x.x.1 dst-port=53 log-prefix=""
protocol=udp
add action=accept chain=input log-prefix="" protocol=gre
add action=accept chain=input comment="defconf: accept ICMP" log-prefix=""
protocol=icmp
add action=accept chain=input comment="defconf: accept established,related"
connection-state=established,related log-prefix=""
add action=accept chain=output log-prefix=""
add action=drop chain=input comment="defconf: drop all from WAN" in-interface=
ether1 log-prefix=""
add action=fasttrack-connection chain=forward comment="defconf: fasttrack"
connection-state=established,related log-prefix=""
add action=accept chain=forward comment="defconf: accept established,related"
connection-state=established,related log-prefix=""
add action=drop chain=forward comment="defconf: drop invalid" connection-state=
invalid log-prefix=""
add action=drop chain=forward comment=
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat
connection-state=new in-interface=ether1 log-prefix=""
/ip firewall nat
add action=dst-nat chain=dstnat dst-port=443 in-interface=ether1 log-prefix=""
protocol=tcp to-addresses=192.168.2.1 to-ports=443
add action=masquerade chain=srcnat comment="defconf: masquerade" log-prefix=""
out-interface=ether1
add action=masquerade chain=srcnat comment="SSTP VPN" log-prefix=""
out-interface= src-address=192.168.2.0/24
/ip route
add distance=1 gateway=75.x.x.2
add distance=1 dst-address=192.168.2.0/24 gateway=SSTP
/ip service
set www-ssl disabled=no

Any thoughts on why I can ping google.com but cannot resolve the website via browser, and/or why I can access google.com via the router’s wireless, but not ethernet?

I would guess that you have a firewall or NAT issue. try turning off all the firewall rules, and leave only the single masquerade rule.

I turned off all firewall rules and left the masquerade rule in place, but that did not resolve the issue. However, I was able to resolve the issue by correcting the network information under IP | Address List. For whatever reason, my netmask was set to 8 instead of 30, and my network to 74.0.0.0. I’m not sure what led me to make those settings initially, but apparently it’s what was causing the intermittent connectivity issues. Still not sure why I was able to browse the internet without issue via wireless, but I’m happy to have everything running smoothly now. Thanks for the troubleshooting tips.