hEX setup as a PPPoE router + dumb switch

Goal is to use the hEX as the PPPoE router for my fibre connection with 360/70 speeds. All other eth ports can be used to connect to the internet - if this is not possible / recommended, that’s ok, dumb switches are cheap. Learning curve is indeed steep, quite fun.

Try #1 - Failed
First setup, I removed all config and started from scratch, using the quickset. I was able to get internet access on eth2, although I had no firewall. So I added the default firewall rules, then lost access to the hEX (I know, safe mode, I know now (: ) so I reset it.

Try #2 - Nearly there
I left the default config intact and used quickset to configure PPPoE. Router can go to the internet (pinging google from the terminal works) but no device from any eth port gets internet access. Attached config for this try. Where am I going wrong?

I have followed many guides, YouTube videos, posts here - sorry I was not able to find the problem. It’s probably something pretty obvious, but we learn from our mistakes. Thank you!!
17.03config.rsc (3.08 KB)

(1) The IP address of your LAN network should be interface bridge!!!
/ip address
add address=192.168.1.1/24 comment=defconf interface=ether2 network=192.168.1.0

(2) DISABLE or remove THIS rule as your internet is done through pppoe
/ip dhcp-client
add comment=defconf interface=ether1

(3) You forgot to change an entry from the default .88 settings!
FROM:
/ip dhcp-server network
add address=192.168.1.0/24 comment=defconf dns-server=192.168.88.1 gateway=192.168.1.1 netmask=24

TO:
/ip dhcp-server network
add address=192.168.1.0/24 comment=defconf dns-server=192.168.1.1 gateway=192.168.1.1 netmask=24

(4) FROM
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
TO
/tool mac-server
# not a secure access method and should be set to none
set allowed-interface-list=none
/tool mac-server mac-winbox
set allowed-interface-list=LAN
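
The four points in the reply above can be checked mechanically against a RouterOS export before it is loaded. The following is an added example, not part of the thread: the sample export is constructed from the lines quoted in the reply, the bridge port and pppoe-client entries are assumed (the attached config is not shown on the page), and `parse` and `audit` are hypothetical helper names.

```python
import ipaddress, re, shlex

# Constructed sample export reproducing the four findings from the reply.
SAMPLE = r"""
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 name=pppoe-out1
/ip address
add address=192.168.1.1/24 comment=defconf interface=ether2 network=192.168.1.0
/ip dhcp-client
add comment=defconf interface=ether1
/ip dhcp-server network
add address=192.168.1.0/24 comment=defconf dns-server=192.168.88.1 gateway=\
    192.168.1.1 netmask=24
/tool mac-server
set allowed-interface-list=LAN
"""

def parse(export):
    """Return [(menu, {key: value})] for every add/set line of an export."""
    rows, menu = [], None
    for line in re.sub(r"\\\n\s*", "", export).splitlines():  # join "\" continuations
        line = line.strip()
        if line.startswith("/"):
            menu = line
        elif line.startswith(("add ", "set ")):
            rows.append((menu, dict(t.split("=", 1) for t in shlex.split(line)[1:] if "=" in t)))
    return rows

def audit(export):
    """Return (number, message) findings, numbered 1-4 as in the reply."""
    rows = parse(export)
    ports = {r.get("interface") for m, r in rows if m == "/interface bridge port"}
    pppoe = any(m == "/interface pppoe-client" for m, _ in rows)
    found = []
    for menu, r in rows:
        if menu == "/ip address" and r.get("interface") in ports:
            found.append((1, "LAN address on bridge port " + r["interface"]))
        elif menu == "/ip dhcp-client" and pppoe and r.get("disabled") != "yes":
            found.append((2, "dhcp-client still active on " + r.get("interface", "?")))
        elif menu == "/ip dhcp-server network" and "dns-server" in r:
            net = ipaddress.ip_network(r["address"], strict=False)
            for d in map(ipaddress.ip_address, r["dns-server"].split(",")):
                if d.is_private and d not in net:  # heuristic: stale default resolver
                    found.append((3, "private dns-server %s outside %s" % (d, net)))
        elif menu == "/tool mac-server" and r.get("allowed-interface-list", "").lower() != "none":
            found.append((4, "mac-server open to " + r.get("allowed-interface-list", "default")))
    return found
```

Check 3 only flags private-range resolvers outside the served subnet, so a public DNS server handed out by DHCP is not reported.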

Thank you anav!!
Working smoothly now. I’ll save this config, so I can revert back to one that works.
Next on my list are changing the DNS to the local pihole + enabling remote access to the NAS via reverse proxy. Wish me luck!