Hello. I am studying and playing Mikrotik hEX S at the company where I work.
My Senior gave me a task: Connect the Internet via Mikrotik, but without a Bridge.
DHCP is working. I got IP, Subnet Mask, Gateway, etc. on PC via DHCP. But no access to the internet.
Can anyone help me? I would appreciate it.
Thank you very much.
I removed the Default configuration on the first start on Mikrotik.
PC connected to Mikrotik via ether2 and ether1 is my WAN. By the way, the LAN which going to ether1 as WAN is coming from a Switch, and when I connect this cable directly to the PC from the Switch I get Static 192.168.88.103 IP address/Gateway: 192.168.88.1. So I can access the internet.
So
I created a 192.168.4.0/24 IP Address List on ether4 Interface.
I created an IP Pool 192.168.4.2-192.168.4.254.
I created a DHCP on the ether4 interface:
DHCP Address Space: 192.168.4.0/24
Gateway for DHCP Server: 192.168.4.1
DNS: 1.1.1.1
I created NAT rule on ether1 interface:
chain: srcnat
Out. Interface: ether1
Action: masquerade
MyConfig:
# 1970-01-02 03:24:24 by RouterOS 7.16
# software id = WUW1-P1FX
#
# model = RB760iGS
# serial number = HET097BM3TD
/ip pool
add name=dhcp_pool0 ranges=192.168.4.2-192.168.4.254
/ip dhcp-server
add address-pool=dhcp_pool3 interface=ether4 name=dhcp1
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/ip address
add address=192.168.4.0/24 interface=ether4 network=192.168.4.0
add address=192.168.88.103/24 interface=ether1 network=192.168.88.0
/ip dhcp-server network
add address=192.168.4.0/24 dns-server=1.1.1.1 gateway=192.168.4.1
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
/system note
set show-at-login=no
I tried learning to use Port Isolation, Static Route, and Add New ARP. But I failed, I think maybe one of these I should use or maybe not.
Can anyone help me? I would appreciate it.
Thank you very much.
You do not have a static default-route and that is the reason why it does not work.
Add a static route 0.0.0.0/0 pointing to the next hop “192.168.88.1” across interface ether1
Because the Task was like this:
Configure Mikrotik for:
100 IP cameras have to connect to ether2 via NVR
20 IP Tel have to connect to ether3 via ??
20 PC have to connect to ether4 via ??
5 Access points have to connect to ether5 via ??
Not Bridge? Because each network should not see each other.
I just wanted to understand the logic for one of these, then I can apply it to the rest.
192.168.88.1 is OK as next-hop.
The Mikrotik will find it.
So correcting the mentioned 192.168.4.x on the INTERFACE itself combined with a correct static-route should get it working I guess.
Does it matter if Gateway in DHCP is 192.168.4.1 or 192.168.4.2? It shouldn’t be the same as Address on the Adress list or not.: https://hizliresim.com/qa7p63a
Maybe something is wrong with DNS in DHCP. It should be 1.1.1.1 or the IP comes to the PC when I connect the ethernet cable from the router to the PC.: https://hizliresim.com/1v6smfq
For the Static IP Route, you mentioned before you said 192.168.88.1 why? Because it is the default IP address for MikroTik or 192.168.88.1 is the Gateway I get from Switch’s DHCP that connected to Mikrotik’s ether1?
Let’s say I did the right configuration after that I should Reboot Mikrotik or Disable/Enable the Ethernet Adapter on the PC or what?
Does it matter if Gateway in DHCP is 192.168.4.1 or 192.168.4.2? It shouldn’t be the same as Address on the Adress list or not.: https://hizliresim.com/qa7p63a
Offcourse this matter. This is KEY. The value of gateway must be the same as the IP of the interface !
So in your case 192.168.4.1
Otherwise no PC will find its way out of that subnet…
What about that DNS .
Is see 192.168.1.75 assigned as DNS-server ?? Where is it ?
Try to assign 1.1.1.1 (or 8.8.8. in the DHCP-settings for clients to start with.
Can you perform a basic lookup ?
So open CMD-prompt, and try “ping www.youtube.com” ?? What does it do / say ???
I fixed Gateway and DNS. But still the same issue:
I wrote in cmd ipconfig /release and ipconfig /renew, so Internet access comes(but very slow, I tried 5 times, and at once YouTube opened very slowly) after a 10-second boom Internet Acces lost.
Pics: https://hizliresim.com/ot3lv5l
10 sec later: https://hizliresim.com/dcgnf6u
Could you answer these two, please? I read tons of Mikrotik forums, but can’t find these specific situations.
For the Static IP Route, you mentioned before you said 192.168.88.1 why? Because it is the default IP address for MikroTik or 192.168.88.1 is the Gateway I get from Switch’s DHCP that connected to Mikrotik’s ether1?
Let’s say I did the right configuration after that I should Reboot Mikrotik or Disable/Enable the Ethernet Adapter on the PC or what?
I understood earlier in your posts that your "ether1" is your ISP "uplink" AND if you pull out the cable out of your Mikrotik router and put it on a PC it receives via DHCP a 192.168.88.x IP and Internet works.
PC connected to Mikrotik via ether2 and ether1 is my WAN. By the way, the LAN which going to ether1 as WAN is coming from a Switch, and when I connect this cable directly to the PC from the Switch I get Static 192.168.88.103 IP address/Gateway: 192.168.88.1. So I can access the internet.
So it is clear that 192.168.88.1 IS the gateway your Mikrotik also has to use via "ether1" (WAN)
...but wait...why don't you simply make "ether1" a "DHCP-client" It seems something "upstream" is providing IP + Gateway information. (because you tested with PC and it worked)
So go to "IP" -> "DHCP Client" and "add" interface "ether1" as DHCP-client.
Then make sure "used peer dns" and "add default route" are selected.
Then see what happens IF you automagically get also a 192.168.88.x IP on that "ether1" port.
It is worked. Thank you very much!
I appreciate it.
Thank you for spending your time with me!
Thank you for your attention.
You helped me a lot. Thank you!
in the DHCP-settings for clients to start with.