We currently have a Netgear WiFi Router that connects to a Comcast Internet with a Static IP and then to our Netgear Switch. I have added a Mikrotik CRS as another switch and that is working fine. I have purchased a Routerboard 1100AHx2 which I would like to use to replace the Netgear as our main Internet router.
Using the QuickSet, I setup the WAN side with the exact same static IP, Subnet, GW and DNS servers as the Netgear and gave it the same IP address on the LAN side. I checked to bridge all ports and checked NAT. I removed the Netgear and replaced it with the RB and I could access it via the MAC or IP using Winbox just fine. Using the tools, I could ping from the RB to anything on the LAN side and on the WAN port of the RB. However, it will not route anything over the Internet. DNS servers do not resolve and I cannot ping the DNS server.
If I remove the RB and put back the Netgear, I’m able to ping the DNS servers, Google and etc.
QUESTION: After setting up with QUICKSET, is there something else I must do to enable basic routing over the Internet Connection?
Hi ,
i don’t recommend QuickSet , configure your router manually , go to IP/Addresses , IP/DNS and IP/Routes see what happens ! add some DNS server manually
To initially setup, I use QuickSet and set it up with:
Internet (Our Current LAN Network)
IP: 192.168.1.3
SN: 255.255.255.0
GW: 192.168.1.10
DNS: 192.168.1.10
LAN (A new network)
IP: 192.168.2.1
SN: 255.255.255.0
GW: 192.168.2.1
DNS:
Check DHCP (192.168.2.100-192.168.2.199)
Check Bridge All Ports
Check NAT
When I do this, I connect my laptop to one of the router ports and I get 192.168.2.100 and am able to ping all assets on the 192.168.2.x and 192.168.1.x networks. Also, I am able to browse the web and perform ping/traceroute to google.com. All is good.
I then turn off the Internet modem and current WiFi/Router. Using Quickset, I change the Routerboard to:
Internet Static IP: 1.1.1.1
Internet Subnet: 255.255.255.252
Internet GW IP: 1.1.1.2
DNS: 4.4.4.4 | 5.5.5.5
I then save and shutdown the Routerboard. I connect the Routerboard to the modem and to the switch. I turn on the modem and let it boot. Then I boot the routerboard. I can ping all local assets (192.168.1.x) and I can ping the public side of the router (1.1.1.1). However, I cannot ping the PUBLIC gateway, DNS servers nor can I resolve any domain names. I cannot ping or traceroute to google.com.
I’m thinking there is just something not quite right in the Routerboard. To test, I’m going to connect an Apple Airport this evening with the public/private settings I’m trying to use to make sure it works. If it does, then I know the ISP is fine but it is just my Routerboard.
Quickset is only intended to be used from a blank router setup.
Setup it as how you think it should be for Internet router role, then open a new terminal and issue:
/export hide-sensitive
then post the output here (edit out public IPs network bit with letters).
some points to check:
You cannot bridge all ports, the WAN port should be unbridged. that could be the problem on your first try.
Other things being right, most probable cause for this (the router itself pings internet but the lan behind it doesn’t) is NAT doing masquerade on the wrong interface, or the nat rule having other parameters wrong.
Thank you for the response and the suggestions. This evening when the office closes, I will try your suggestions. I’m leaning towards the bridge possibility you mentioned. Thank you!
not sure if this helps, but you could try and clone the MAC of your old router to the WAN interface of the MikroTik. This way you’ll go around possible ARP issues, plus if the provider locks onto the MAC address, they’ll think you are still using the old router..
I set it up and I noticed that under Routes, the route to 0.0.0.0 going through my Internet GW (1.1.1.2) is unreachable. I imagine this is the issue. To be safe, I spoofed the MAC address to match the Netgear device, just in case my ISP required a certain MAC (even though they told me they do not.)
Since I’m setting the Internet IP to static, why would it say, “add dhcp-options=hostname,clientid interface=ether1” in the config below? I would think it would either not be there at all.
Below is what I get, edited with my fictitious IP info I outlined earlier:
[admin@MikroTik] > /export hide-sensitive
I have tried everything I can think of to get this to work. However, the route for 0.0.0.0/0 over the Internet GW is always unreachable. My ISP is Comcast, so I think I’ll look on their forums. Anyone know of any funky things with setting up a static public IP and connecting to their business modem? (Not a router)
After further review of your suggestion, this will not work. The 1.1.1.120 network (NOT 1.1.1.0 as you suggest) is because the subnet for ether1 is 255.255.255.252, not 255.255.255.0. So, when I go into the IP address, I cannot change the network to 1.1.1.0 as the it automatically changes it back. I did try changing my subnet to 255.255.255.0 and I tried 255.255.0.0. In both cases, the rout then said it was reachable, however, I still could not ping google.com, 75.75.75.75 and etc.
Thank you, again, for your response and help. Sorry for the confusion when I put fake IPs in. I mislead you. I will show the last two octets of the real IP addresses so that might be better:
Internet IP: x.x.9.121
Subnet: 255.255.255.252
Internet GW: x.x.69.122
I will try to re-export and post with only hiding the first 2 octets.
So, after getting totally frustrated I decided to look at the netgear for the 1billionth time to find something that I was missing. That’s when my eyes saw something I had overlooked so many times…my ip is supposed to be x.x.69.121, not x.x.9.121. UGH! I looked at that line by line so many times.
Thank you for your help, though. I totally sent you down the wrong rabbit hole.
