DHCP Relay cant access internet

fakhrulraharjo · July 28, 2020, 7:03am

Hello, I hope someone here can help me.

So i have 2 mikrotik router, 1 act as dhcp server and the other as dhcp relay.

Config router 1
/interface bridge
add disabled=yes name=bridge1
/interface ethernet
set [ find default-name=ether1 ] advertise=
100M-half,100M-full,1000M-half,1000M-full name=ether1-internet
set [ find default-name=ether2 ] advertise=
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=ether2-LAN
set [ find default-name=ether3 ] advertise=
100M-half,100M-full,1000M-half,1000M-full name=ether3-HOTSPOT
set [ find default-name=ether4 ] advertise=
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether5 ] advertise=
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
/interface vlan
add interface=ether2-LAN name=vlan100 vlan-id=100
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool0 ranges=
192.168.20.60-192.168.20.199,192.168.20.201-192.168.20.254
add name=dhcp_tes ranges=192.168.21.1-192.168.21.190
add name=dhcp_pool3 ranges=172.31.1.2-172.31.1.254
add name=pool1 ranges=192.168.20.202-192.168.20.254
add name=Public ranges=192.168.50.2-192.168.50.254
add name=dhcp_pool8 ranges=192.168.70.2-192.168.70.254
add name=dhcp_pool9 ranges=172.16.1.1-172.16.1.253
/ip dhcp-server
add address-pool=dhcp_tes disabled=no interface=ether3-HOTSPOT name=dhcp2
add address-pool=dhcp_tes interface=bridge1 name=server-tes relay=
192.168.21.200
add address-pool=Public disabled=no interface=ether4 name=Public
add address-pool=dhcp_pool9 disabled=no interface=ether2-LAN name=dhcp4 relay=
172.16.1.254
/ip pool
add name=Internal next-pool=pool1 ranges=
192.168.20.1-192.168.20.199,192.168.20.202-192.168.20.254
/ip dhcp-server
add address-pool=Internal disabled=no interface=ether2-LAN name=Internal
add address-pool=Internal disabled=no interface=bridge1 name=dhcp3
/queue simple
add disabled=yes max-limit=64k/64k name=“TOTAL BANDWIDTH LAN” target=
ether2-LAN,ether2-LAN
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=CILENT1 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.101/32
add disabled=yes max-limit=0/35M name=“LAB KOMP” target=192.168.20.9/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue12 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.112/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue2 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.102/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue3 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.103/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue4 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.104/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue5 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.105/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue6 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.106/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue7 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.107/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue8 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.108/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue9 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.109/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue10 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.110/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue11 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.111/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue30 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.130/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue31 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.131/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue29 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.129/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue28 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.128/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue27 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.127/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue26 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.126/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue25 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.125/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue24 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.124/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue23 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.123/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue22 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.122/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue21 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.121/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue20 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.120/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue19 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.119/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue18 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.118/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue17 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.117/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue16 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.116/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue15 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.115/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue14 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.114/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue13 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.113/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue50 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.150/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue49 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.149/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue48 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.148/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue47 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.147/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue46 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.146/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue45 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.145/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue44 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.144/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue43 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.143/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue42 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.142/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue41 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.141/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue40 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.140/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue39 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.139/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue38 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.138/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue37 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.137/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue36 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.136/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue35 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.135/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue34 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.134/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue33 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.133/32
add disabled=yes limit-at=200k/200k max-limit=10M/10M name=queue32 parent=
“TOTAL BANDWIDTH LAN” target=192.168.20.132/32
add disabled=yes max-limit=0/2M name=“KOMP TU 2” target=192.168.20.5/32
add disabled=yes max-limit=0/2M name=“KOMP TU 1” target=192.168.20.4/32
add disabled=yes max-limit=0/5M name=“MIKROTIK NDALEM 2” target=
192.168.20.20/32
add disabled=yes max-limit=0/2M name=“KOMP HUMAS” target=192.168.20.22/32
add disabled=yes max-limit=0/2M name=“KOMP KURIKULUM” target=192.168.20.6/32
add disabled=yes max-limit=0/2M name=“KOMP KESISWAAN” target=192.168.20.7/32
add disabled=yes max-limit=0/2M name=“KOMP SARPRAS” target=192.168.20.21/32
add disabled=yes max-limit=0/2M name=“KOMP GURU” target=192.168.20.12/32
/queue type
add kind=pcq name=PCQ-DOWNLOAD pcq-classifier=dst-address
pcq-dst-address6-mask=64 pcq-rate=256k pcq-src-address6-mask=64
add kind=pcq name=PCQ-UPLOAD pcq-classifier=dst-address pcq-dst-address6-mask=
64 pcq-rate=256k pcq-src-address6-mask=64
/interface bridge port
add bridge=bridge1 interface=ether2-LAN
add bridge=bridge1 interface=ether3-HOTSPOT
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
/interface detect-internet
set detect-interface-list=all lan-interface-list=all
/interface list member
add interface=ether1-internet list=WAN
add list=LAN
add interface=bridge1 list=LAN
add interface=ether4 list=LAN
/ip address
add address=192.168.99.254/24 interface=ether1-internet network=192.168.99.0
add address=192.168.20.200/24 interface=ether2-LAN network=192.168.20.0
add address=192.168.21.200/24 disabled=yes interface=bridge1 network=
192.168.21.0
add address=172.31.1.1/24 interface=vlan100 network=172.31.1.0
add address=192.168.50.1/24 interface=ether4 network=192.168.50.0
/ip cloud
set ddns-enabled=yes ddns-update-interval=30m
/ip dhcp-client
add dhcp-options=hostname,clientid interface=ether1-internet
/ip dhcp-relay
add dhcp-server=192.168.21.200 interface=ether2-LAN local-address=
192.168.20.101 name=da
/ip dhcp-server lease
add address=192.168.20.145 client-id=1:d4:85:64:b3:65:37 mac-address=
D4:85:64:B3:65:37 server=dhcp3
add address=192.168.20.139 mac-address=74:DA:DA:33:95:09 server=dhcp3
/ip dhcp-server network
add address=172.16.1.0/24 dns-server=192.168.20.200,8.8.8.8 gateway=
172.16.1.254 ntp-server=192.168.20.200
add address=172.31.1.0/24 gateway=172.31.1.1
add address=192.168.20.0/24 gateway=192.168.20.200 netmask=24
add address=192.168.50.0/24 gateway=192.168.50.1
add address=192.168.70.0/24 gateway=192.168.70.1 netmask=24
add address=192.168.100.0/24 gateway=192.168.100.1 netmask=24
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip dns static
add address=192.168.20.200 name=router.lan
/ip firewall filter
add action=accept chain=forward
add action=accept chain=forward
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1-internet
out-interface-list=WAN
add action=dst-nat chain=dstnat comment=“port forwading tu1” disabled=yes
dst-port=80 in-interface=ether1-internet protocol=tcp to-addresses=
192.168.20.104 to-ports=80
add action=masquerade chain=srcnat comment=“ACC AKSES MODEM” disabled=yes
out-interface=ether1-internet
/ip route
add distance=1 gateway=192.168.99.1
add check-gateway=ping distance=1 dst-address=172.16.1.0/24 gateway=
192.168.20.199 scope=10
/ip service
set www port=5507
/system clock
set time-zone-name=Asia/Jakarta
/system identity
set name=“ALI MAKSUM”

Router 2 config
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface bridge port
add interface=ether2
add interface=ether1
/ip address
add address=172.16.1.254/24 interface=ether2 network=172.16.1.0
add address=192.168.20.199/24 interface=ether1 network=192.168.20.0
/ip dhcp-relay
add dhcp-server=192.168.20.200 disabled=no interface=ether2 local-address=
172.16.1.254 name=relay-li
/ip dns
set allow-remote-requests=yes
/ip firewall filter
add action=accept chain=forward

Right now client that connected through second router can acces local network but cannot acces internet, i try ping google.com and it come with “cannot resolve google.com: unknown host” then i try to ping 216.239.38.120 it says “destination net unreachable”

I hope someone here can help me, thank you

floaty · July 31, 2020, 11:25pm

.
first ! … you giving us config-data (which is a nice thing) … you put it in here:
.

.
so nobody gets eye-cancer !
.
and I’m not shure if you posted everything from router2 … but a default-route to router1 would make huge sense … and I’m missing it … do you copy ?
providing your clients with an ip-address is a noble thing ! … but you should treat your connected router accordingly !
.

Router 2 config
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface bridge port
add interface=ether2
add interface=ether1
/ip address
add address=172.16.1.254/24 interface=ether2 network=172.16.1.0
add address=192.168.20.199/24 interface=ether1 network=192.168.20.0
/ip dhcp-relay
add dhcp-server=192.168.20.200 disabled=no interface=ether2 local-address=\
172.16.1.254 name=relay-li
/ip dns
set allow-remote-requests=yes
/ip firewall filter
add action=accept chain=forward