Hello.
If I put WAN port of my Mikrotik router directly to my ISP then it gets IP/Gateway/DNS via DHCP. I can ping gateway, DNS works but for some reason I can’t reach to internet. No matter if I try from a computer connected to LAN side of the Mikrotik router or from the router directly.
[admin@MikroTik] > ping www.google.com
SEQ HOST SIZE TTL TIME STATUS
0 142.251.36.68 timeout
1 142.251.36.68 timeout
2 142.251.36.68 timeout
sent=3 received=0 packet-loss=100%
traceroute shows hop to the gateway and then timeout.
Router configuration is attached.
What’s funny is that if I put my other TP-Link router to my ISP and connect Mikrotik to its LAN side then everything works fine - Mikrotik gets IP from DHCP of TP-Link and internet works. I have no idea why being connected to ISP directly breaks things.
Any idea? I’d really appreciate a help. Thank you in advance. mikrotik-settings.txt (5.09 KB)
To me it sounds like an issue at the ISP side. What I would try in this case would be to change the MAC address of ether1 of Mikrotik to the one of the TP-Link’s WAN; if the latter is not on the type shield of the TP-link, connect the TP-Link to Mikrotik’s LAN and see the DHCP lease it gets.
If your ISP happens to be UPC (now Vodafone): it used to be necessary to reboot the cable modem to make it accept a different MAC address on its LAN side.
No, it’s a local provider here in Czechia. I’ve asked them about this and they said this is on purpose. If you switch router you need to call them and they’ll update the MAC on their side. Supposedly a security improvement. Fortunately Mikrotik can edit its MACs
I’m not sure that educating CEO about access security would make any difference. CEOs nowdays only care to please investors and that’s probably true in Czechia as well.
Now, if you meant somebody should have a word with ISP’s PANA (principal access network architect) … then good luck finding that PAiNintheArse
