I’m new to MikroTik I worked with some simple concepts in a course and got really intrigued. At this moment I’ve got an hAP ac2 and done some general set-up with a forwarded port and a little playing around here and there.
I have 3 networks set up now, with one working as intended.
172.20.1.0/24 - Wired PC
172.20.10./24 - Bridged wireless 5GHz and 2.4GHz
172.20.100./24 - Wired Server
The only network working as intended is my Wired PC network which is able to traceroute/ping all devices outside the network but any of those devices cant ping/traceroute back to the Wired PC or any other device if outside its own network
I’ve added a screenshot of a Putty connecting to the Wired server but ping is not being able to be sent to the Wired PCs IP and the configuration file
Firewall active on Proxmox ?
Check that first. When you ping FROM Proxmox (initiated) the return packets are probably allowed in…
If you ping remotely TO the Proxmox, they might be blocked immediately…
Looks like you need to rule out some things. There are a couple of tools you can use to figure out where the packet loss is coming from.
If you add a basic firewall filter rule to the hAP that allows traffic from ether3 to ether2 and then turn on logging for this rule, you can see which packets are being forwarded by the router.
Now when you try to reach those devices, is the router successfully forwarding the traffic through? How about if you switch the filter rule the other way around?
Remember that with no filter rules, packets are accepted by default - which means if you don’t see them in your logs, they aren’t reaching the hAP.
Trying pinging from the Mikrotik itself - if the devices you are trying to speak to don’t respond to pings from here, maybe they won’t respond to pings at all?
Are those devices picking up their DHCP leases properly and using the hAP as their gateway? When they traceroute do they hit the hAP first?
Your setup is nice and simple, use the tools that Mikrotik provides to pin-point where the packets get lost and ask the question why… have fun exploring!
I checked this previously, as when the wireless devices are pinged the same situation occurs and all firewalls have been double-checked for pinging, Thanks for the suggestion tho!
Thank you so much for this. I’ve used all of these methods and with the info, I’ve gathered I’m still very stuck. My TCP connections were coming through on the Logs same with the Pings when doing the logs they came through as
forward: in:ether3 out:ether2, src-mac 5c:b9:01:3b:ea:00, proto ICMP (type 8, code 0), 172.20.100.253->172.20.1.254, len 84
to me, this seems that the ping was somewhat successful but in the same case the Proxmox was still coming back as unsuccessful. Is this me not understanding the Log?
With the traceroute and gateway that’s all coming through the hAP as the gateway and going to it first and dropping when reaching the gateway.
Thank you so much for the extra help. All of this is helping!!!
