Hotspot and LAN services

Good Day.

I have a strange problem. I setup hotspot on an existing network by setting my mikrotik as the gateway and simply swapping it out for the Cisco that was there. The hotspot is fine and running well. The problem now comes in on the local LAN services. People who once had shared files and documents can no longer access each other. It is very unstable but basically it is unusable. I created accounts for the pc with the shared content as well as the pc that was trying to access the content. Both can access the internet with no problems but not the local file sharing. I also tried to IP bind and bypass hotspot completely without success.

For 2 reasons i have come to this conclusion. Firstly if i swap back the cisco router or disable the hotspot config from the mikrotik, the network stabilizes. I have searched the forums and found no success to this problem at all.

I tried the following from other topics/suggestions.

add chain=input protocol=tcp dst-port=21,22 action=accept
add chain=input protocol=udp dst-port=69 action=accept
add chain=input protocol=tcp dst-port=137-139 action=accept
add chain=input protocol=udp dst-port=137-139 action=accept
add chain=input protocol=tcp dst-port=445 action=accept
add chain=forward src-address=10.10.10.0/24 dst-address=10.10.10.0/24 action=accept

This was placed at the top of my firewall>filter

I also tried to enable upnp and SMB as well as Walled Garden without any luck. ip>hotspot. set 0 address-pool=none has been mentioned a few times to do with ARP poisoning. This was set to none by default.

Here are the other topics I found regarding this issue.
http://forum.mikrotik.com/t/file-shareing-problem-useing-hotspot/55572/1
http://forum.mikrotik.com/t/local-sharing/49339/1
http://forum.mikrotik.com/t/um-hotspot-local-lan-shares-unstable/35830/1
http://forum.mikrotik.com/t/hotspot-local-network/27559/1

There are 2 screenshots attached. The first (fig.1) is from my pc trying to ping the pc with shared content and the second (fig.2) is what happens after the mikrotik is rebooted. All seems to work after a reboot, but then with eventually stop pinging and revert to fig.1. Note that both pcs are connected directly to the wlan interface on a test router i set up at my office to try and replicate the scenario. This also proves that the problem is not network specific but to do with the hotspot setup itself.

Any help would be greatly appreciated.
Mikronab

You must disable the 1:1 NAT in the hotspot. Otherwise, the hotspot will ARP poison the localnet.

/ip hotspot
set 0 address-pool=none

hi. thanks for the response. yeah ive seen this mentioned many times in other topics, but since it was set to that by default, is there much else i could do?

ive got a setup in my office im playing with now. if i find anything ill share.

I have never seen “address-pool=none” on any of my hotspots by default. If you used the setup for the hotspot, it assigns that to the address pool used by the dhcp server on that interface.

That is weird. I could have sworn I saw that once before, but you are right, it is not “none” by default. Regardless, I had set “address-pool=none” and it made no change. I took a new 1100AH to site because of network load and installed without any problems (and after switching to “address-pool=none”). That was last week; i am going back to site and will revert. Hopefully all is still well.

On a separate note, would you be able to help with PCC and Hotspot on the same site? Ironically the first device i set up worked like a charm with PCC but not on the LAN. This second router now stops all network traffic from both WAN ports (ISP1 and ISP2) as soon as I enable the second WAN interface. I have had no experience with getting both to work on the same router before. The previous device was a 750 and as you can see from the config of the 110AH i used different switch chips for each wan (ISP1 was ether11 and ISP2 was ether12). Could it be that or something to do with hotspot=auth in mangle?

Thanks for the help so far!
grey.txt (17.8 KB)