Client unable to ping remote gateway

mambotech · October 14, 2006, 3:22pm

Hi,

I have just installed one of the Mikrotik CPE units and for some unknown reason the client PC is not able to browse the internet. This is the configuration:

Wlan=station mode ip address=192.168.2.26 gateway=192.168.2.7
ether1 ipaddress = 192.168.10.1 dhcp-server enabled
Client PC ipaddress=192.168.10.2 gateway=192.168.10.1

Standard Nat rule set 0 chain=src-nat out-interface=wlan1 action=masquerade

The problem I am facing is.

I can ping the remote gateway 192.168.2.7 from the router when connect via telnet to the wlan interface.
I can ping the remote gateway 192.168.2.7 from the router when connect via telnet to the ether1 interface.
I can ping the wlan interface 192.168.2.26 from the client PC

4.I cannot ping the remote gateway 192.168.2.7 from the client PC.

5.I cannot ping the client from the router either. The client has been allocated an ipaddress from the router of 192.168.10.2.

Can anyone tell me what I have missed.

Thanks Mark

BrianHiggins · October 14, 2006, 4:12pm

sounds like you nat rule isn’t working correctly…

mambotech · October 14, 2006, 4:19pm

Hi Forepoint,

Is there any other way of fixing this problem. I have even added a static route to the AP that the client connects to. I can ping from the main AP all the way back to the 192.168.10.1 address.

Thanks Mark

BrianHiggins · October 14, 2006, 4:51pm

do you have a software firewall turned on at the client machine?

try another client to rule out problems with it.

mambotech · October 14, 2006, 4:59pm

Forepoint the client can ping the wlan interface 192.168.2.26 ???

BrianHiggins · October 14, 2006, 5:02pm

if you can ping wlan1, but not the AP, it sounds like your NAT rule isn’t working…

also, with having NAT in place, you will not be able to ping the client from the host AP…

mambotech · October 14, 2006, 7:21pm

Forepoint,

If I remove nat what else can I setup. I have static routes

Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf

DST-ADDRESS PREF-SRC G GATEWAY DISTANCE INTERFACE

0 ADC 192.168.2.0/24 192.168.2.26 wlan1
1 ADC 192.168.10.0/24 192.168.10.1 ether1
2 A S 0.0.0.0/0 r 192.168.2.7 wlan1
[mark@MikroTik] >

BrianHiggins · October 15, 2006, 10:39pm

why remove nat? you don’t need access from the AP all the way to the PC do you?

mambotech · October 15, 2006, 10:49pm

Forepoint,

I have disabled nat and the PC is now getting an ipaddress from the Network DHCP server …and I can ping the PC’s ipaddress now. I am just waiting for the user to tell me if they can browse.

I agree Nat would be good but it’s not working correctly.

Mark