Sorry if this may seem like a basic question but I wanted to check to save a headache later!
I’m working on a new network setup with a Mikrotik Hex S paired with a Uniquiti WiFi 6 AP. The Hex will replace my ISP (BT) router.
I’ll have a fair bit of tinkering to do - I was wondering; to avoid breaking existing Wifi would it be possible to do all the setup with the Mikrotik simply plugged into my BT router and doing NAT, and then later change to PPPoE?
My requirements of the router are reasonably basic, a couple of VLANs (one which will be configured to always use a VPN) but just unsure if I set up bridges, firewall rules, traffic marks etc if that would be broken when I use the device as the main router with PPPoE
Yes. Start from the default configuration on the Mikrotik, connect ether1 to your existing router and the Mikrotik will use DHCP to acquire an IP address. Configure the LAN-side VLANs as desired, a single VLAN-aware bridge and hybrid ports are the most straightforward method when interworking with UniFi. There are plenty of posts in the forums from others doing similar.
Obviously you can’t use the same subnet address handed out by the existing router on any of the VLANs as the Mikrotik would be unable to route between the same address range on two different networks,
Later you can add a PPPoE client, add it to the WAN interface list so the WAN firewall & NAT rules will be applied to it, and disable the DHCP client when removing the existing router.
An unrelated point to be aware of is BT are migrating their FTTC & FTTP customers to ‘Digital Voice’ replacing the existing PSTN service. this is provided from a socket on the BT Smart Hub 2 rather than plugging a phone into the master socket. If you are using your landline phone service you have no choice but to use the BT-supplied router, as although the voice service is SIP-based it is an entirely closed managed system, and you cannot easily transfer your landline phone number to another provider without cancelling your broadband service. There are many posts in the thinkbroadband forums discussing this.
My apologies for not replying sooner. This is enormously helpful and really useful to know. I’m going to stage the config on a hAP lite as my Hex S is busy providing vastly improved ikev2 vpn performance.
Great point about the phone service, we don’t use it but it’s good to know.
Did anyone work an answer to this? I have a Mikrotik RB4011iGS router. We still have our landline active, but I cannot connect to it since it has been made digital. I was thinking of connecting the BT Smart Hub 2 to the mikrotik and then from their to the Digital landline (but my knowledge is not greatly advanced!). Is there any other way of activating the landline. I want to keep the Mikrotik. Annoying, I have various RJ11 ports through the property which I kind of wanted for a intercom… and I wanted at least one landline phone for those emergencies. Any views appreciated.
The BT Digital Voice offering is a closed system, you have to use the SH2.
There was a thread on the thinkbroadband forum https://forums.thinkbroadband.com/fibre/t/4670157-re-bt-fttp-with-digital-voice-alternative-to-smart-hub-2.html where someone managed to detect and spoof enough information for the SH2 to run behind an Asus router with the assistance of of a Raspberry Pi. Offhand I don’t know if there is enough functionality in the Mikrotik PPPoE client & server and scripting to implement all of this directly, or if it would require helper devices.
Alternatively port the phone number to a VoIP provider independent of your ISP, in the UK many people use Andrews & Arnold. Unfortunately BT still have a tendancy to cancel the broadband service when you do this, despite there being no technical reason whatsoever for doing so on FTTP connections (there are on FTTC connections as the circuit is identified by the voice directory number).
Having been converted to digital voice a ‘landline’ phone relies on power and internet connectivity to work, so cannot necessarily be relied on in an emergency e.g. if caused by weather which has brought down power lines. There are articles on thinkbroadband and ISPreview discussing standby power options for ONTs / modems, routers, voice adapters / DECT basestations, etc.