Perhaps after some misconfiguration or so I found that my cAP ac is unavailable.
It was not accessible via telnet, ssh, webUI nor Winbox, according to documentation device should run DHCP server but not.
What seems quite crazy, when I run DHCP server on my machine, cAP ac requested an IP address, did ARP request for gateway, DNS request for cloud2.mikrotik.com, was seen some HTTPS communication with it (thus device appeared to be active). Also I can successfuly ping it, but it was all, it not respond to anything else.
I tried factory reset without any change.
I tried Netinstall mode - then I saw some TFTP request from it, but Netinstall did not detect MT and not respond to them.
I also borrowed some notebook with Windows 7 and tried Winbox and Netinstall there (I used Linux/Wine previously) - no change, cAP ac was not detected (even after reset to factory default or to Netinstall mode too).
After several hours and despair, last remnant of my mind saved me this finding: http://forum.mikrotik.com/t/new-device-cannot-be-discovered-after-reset/137317/1
All my tries I did was accessing device via ether1 port. And when I connect my Linux machine to ether2, I can access MT via its default IP address 192.168.88.1 via telnet, HTTP or Winbox. And there it was seen that the default IP address 192.168.88.1 was assigned to the bridge, which included ether2, wlan1 and wlan2 - but not ether1!
This IMO explains why device was not accessible through the first port on default IP - and it seems as MikroTik bug - because manual Setup paragraph clearly state: “1. Connect your internet cable to the first port”!
Or could I do something wrong?
Anyway, I still don’t understand and grope in some confusions:
Why did the MT itself communicate through ether1 port (after obtain IP params from DHCP), but was there in no way accessible (except ping - this was because it is kernel job /as in Linux/?)?
how it is possible, it is normal? Documentation IMO not mention this behavior.
it seems as it is possible, generally, after I was in Netinstall mode (where device was not visible and thus did no action with it), with next subsequent short press of the reset button (according to the documentation) switch to factory default state, true?
it is possible somehow, after misconfiguring device, obtain/rescue its configuration? E.g. by doing “/export file=myconfig” before each potentially dangerous command, access and copy this file after last command makes the device unavailable? Is some place where factory reset/Netinstall not erase this file? Or any other way?
Excuse for probably beginners questions. Still many questions and ambiguities, little knowledge.
I don’t know specifically about cAP, but default config usually uses ether1 as WAN port. So it will get address from DHCP, default route will point there, and it won’t accept any incoming connections, because you don’t want evil hackers from internet playing with your router.
If you are making dangerous changes, you can use Safe Mode. Enable it and if you manage to change something in a way that you disconnect yourself, it will automatically go back to the point where you enabled it.
As @Sob already explained when MT gets its default configuration, it doesn’t accept connections through WAN port (which usually is ether1).
There are, however, exceptions to the above (apart from admin manually configuring device differently):
When unit comes fresh from factory, it is not configured at all. It then accepts connections via first ether port only for initial configuration. Mind that this state is not the same as factory default.
If netinstall is necessary, it has to be performed through first ether port.
Indeed it is slightly confusing as when device is in unknown state, then it’s hard to guess which ether port is correct one to use.
…but after “reset to defaults”, the cAP ac should have 192.168.88.1/24 at ether2 with a DHCP server, and even if reset to the cAP mode rather than the router one, it should at least be discoverable by Winbox and accept connection to its MAC address there.
Hi Sob, mkx, sindy - thank you all for the explanation and other valuable fragments in the Mikrotik mosaic. In retrospect, my biggest mistake was (I never considered this possibility!) that I never thought that fresh new unit factory configuration != factory default configuration after reset! I haven’t come across this, quite essential, information anywhere! Situation, where manual clearly state “configure it via ether1” and after reset it is not valid, IMO should be distinctly indicated. And, although “after factory reset, unit not accessible from WAN port” behavior has some logic and rationale for router, same behavior for access point may be too strict.
Also, thank for recommending Safe Mode - although what I’ve found about it on the Internet now, it seems as it work on the command line and webfig, but (almost) not in Winbox, Thus some caution propably will be appropriate…
Thanks, Franta Hanzlik
I don’t use Safe Mode often, but it definitely has button in WinBox and it worked when I tried it. You still have to be careful when using it, because if you enable it and forget to disable it, you can lose quite a lot of changes when you finally cut yourself off.
