Hi All
I have a Map 2nd which I currently have setup to run on a 4g dongle. I would like to get it setup so one of the wifi channels can connect to a hotel wifi and the other wifi channel I can use to connect my devices as normal.
Is there a guide anywhere to setting this up as still a little new to the Mikrotik’s
Thanks
No way. You need two radios = 2 different wifi interfaces to do that.
Edit:
Buy https://mikrotik.com/product/RBmAPL-2nD to have second WiFi AP
or change your device to https://mikrotik.com/product/RB952Ui-5ac2nD-TC to have 2.4/5Ghz radios.
Oh ok, thought as my mAP (RBmAP2nD) has Wireless 2.4 GHz number of chains: 2 this would do it
no you need wifi 2,4 and 5 Ghz
You can connect to the hotel
wifi with the one wifi interface an use it as WAN.
Then you can build with it a additional virtual AP…
Using this way for example mikrotik builds a repeater with only one physical wifi interface.
Connecting with mAP2nd to a hotel/city/public wifi, and then redistribute it as another wifi (same band/channel) and also via ethernet is no problem.
I use this very very often (the mAP Lite is also my VPN provider to my home network, for everything connected to the wifi or ethernet port of the mAP Lite)
Connecting to a PEAP/Enterprise secured network can be a hassle, but in most cases it works.
You can choose between repeater setup (with “station pseudobridge” mode) or as a Home AP with ( “station” mode) wifi uplink and it’s own DHCP server.
Hassle?: is finding the right settings around certificates. And also DHCP client on attached devices may need a DHCP relay on the mAP Lite, or clients need to use a static IP address.
Home AP mode does not have that problem.
My mAP selects and autoconnects to all wifi networks I ever visited. That includes my own smarthone, as I always travel without ethernet cable. (wifi downlink depends on uplink wifi)
As indicated by bpwl, perfectly possible using main radio and virtual AP as slave.
I also have mAP and mAP Lite using such setup for years.
Only “drawback” is that your main wifi needs to be connected before slave will become active.
But (also indicated by bpwl) using your own smartphone-hotspot as one of the wifi interfaces in connect list, there is always at least 1 known wifi network to connect to.
And then the games can begin …
Just another way to enter information making the mAP Lite connect to the hotel or other Guest wifi network.
Turn the WLAN functions (WLAN1 and virtual WLAN) around.
Connect list can still be used for convenience.
Hi,
Iam trying to achieve the same set-up as the initial poster in this topic but I struggle with some terminology used across replies here and in referenced topics. For an example “normal stand-alone MT AP” not really sure what that is.
Anyway, I have Mikrotik Map Lite and would like to use it to:
So far, I am able to connect to Map Lite using winbox.
I would be grateful if you can provide the instructions to achieve above.
Thank you
normal stand-alone MT AP
That is when the wireless interface is in mode “AP” , it has an SSID and a security setting on that interface, also the frequency is normally set
That wireless interface is then, in the normal or usual case connected as port to a bridge.
(Now that wireless interface is “slave” to the bridge. Therefore the IP address and DHCP server will be set up on that bridge (not on the slave interfaces))
Other interfaces, like ethernet interfaces could also be added as port to that bridge, and will use the same IP address , DHCP server and pool
In the second method (where the wireless interface is a normal AP setup) , then a second virtual (wireless) interface is added.
This virtual wireless interface will replace the WAN ethernet interface which connects to Internet
That new virtual interface uses the first wireless interface (with the mode AP) as the master wireless interface, and inherits most wireless parameters from there.
That virtual interface is in station mode, and is used to connect to the Internet providing wifi network (you call it ‘guest’ network)
Bridging over wireless connections is always difficult, so let’s take here the use of a routed setup.
For this, that virtual interface is NOT a port on the bridge, but is given a DHCP client, so it gets IP address and route information from the DHCP server of the ‘guest’ network.
One problem here is to make the virtual interface use the same wifi channel as the ‘guest’ network.
This is done by setting the first wireless interface (the one with the AP mode) to exactly the same frequency and channel width as the ‘guest’ network
On the second virtual wireless interface the SSID and security profile that matches the ‘guest’ interface is set up. This should allow for that wireless connection.
Routed solution here is the normal “AP home” gateway setup, but with the WAN ethernet interface replaced by the virtual wireless in “station” mode.
Where the bridge is a member in the LAN interface list
Where the virtual interface is a member in the WAN interface list
These interface lists are used in the default firewall setup.
When using the default config with the default firewall rules, this should properly set security, NAT (masquerade rule) for the WAN interface, and allow access for all things on the bridge
The terminology Is a mess.
Station in layman speak means “client”, an interface in station mode connects to an existing wireless network (hotel access point) just like your phone or laptop would.
AP is much more intuitive as a name, It is the mode where the interface creates a new wireless network (with your own SSID).
Slight mod for ya…
Best advice 10 years ago, it seems that long probably only 5, for MT to hire BPWL to fix their wifi mess. Advice ignored…
Naah, Mikrotik has its share of responsabilities with (mis-)naming, but if you look at other vendors, the same thing is called “client” by TP-Link and a few other, but “WiFi Bridge” by D-Link (who calls the other end “station” 
).
More generally - besides “AP mode” and “router” which seems to be common to most if not all, the other common modes of working are called differently, in some cases even differently between the brochure/quick guide/manual and the GUI in many other vendors products.
Now playing with 3 cheap “WISP travel routers”, I would advice travellers to add to their travel gear
They are relative easy to set up, MT mAP Lite is in that same group. It can do more than those 3 , but ROS can be hard to master.
The devices are based on OpenWRT with an extra GUI with nice graphics for the setup.
But the names used … all different … Operation mode: router, WISP, extender, repeater, AP, client…
And the use of the name “hotspot” … all over all devices.
Most Confusing? The winner for me is MT “Quick Set” list with “CPE, Home AP, PtP bridge AP, PTP bridge CPE, WISP AP, Home Mesh, CAP”
Where did you get that from ? 
Would not be hard, if they had some proper documentation.
It’s often “finding out” by trial and error.
Try to understand the 3 to 7 “timeout” settings in MT Hotspot, from the documentation. (Actually the old wiki has more on Hotspot than the new Help pages.)
And some more of “timeout” in User Manager attributes
“Keepalive-timeout” is something different for tunnels and connections, usually triggering keepalive packets
In MT it is more like an “Idle timeout”, both do somewhat the same when reached.
“Host Dead Time” is not documented, is it compared to the “Idle timeout” or to the “Keepalive-timeout”?
In user manager using multiple “User Profile” entries for the same user, can be used to implement a “fair use” poilicy.
(When the first entry is used up, the next is used. Counters can be reset periodically. Will the “User Profile” selection also react ?)
Can one use multiple “Profile limitation” entries, the same way?
Nothing is documented.
You crack me up!!
BPWL for president of MT, re-assign the well-intentioned but failing staff they have running the wifi show. Mean well and positive outcomes have proven to be mutually exclusive! 
Routed solution here is the normal “AP home” gateway setup, but with the WAN ethernet interface replaced by the virtual wireless in “station” mode.
@bpwl Thank you for taking the time to reply to my post.
Iam still a bit lost in my Map Lite configuration to be honest.
My VIRTUAL WLAN in connected to the “guest network” and able to connect to the internet, however the internet connection is not available on WLAN1.
Perhaps I misunderstood how to configure the bridge. Addition to this I need some help with firewall rules, since nothing is there Iam not sure how to configure this.
It was all correctly set in the default firewall rules.
The DHCP client should, besides the IP address and netmask, also correctly add the needed IP route, and set the IP address of the DNS server to use.
The default firewall rules work with 2 predefined "interface list"s , named “LAN” and “WAN”
Then the default rules will:
-allow acces from the “LAN” interfaces to the “WAN” interfaces
-protect the “LAN” from attempts “not coming from LAN” interfaces
-do the needed NAT address translation for the outgoing connections, with the firewall “NAT” rule for the “WAN”-member interaces
I do not have any firewall rules in place and have not delete them, so how do I get the default rules set?
And also is my understanding correct that - the only port on BRIDGE1 should be the WLAN1 interface?
Thank you