ROUTER OS on an old x86 machine with two NIC cards. I've followed several tutorials, and I have ether1 on one subnet pulling IP address from DHCP. Ether2 is hotspot, and its working, authenticating users from the wireless AP on the same VLAN as ether2. However once authenticated, wireless user cannot ping the default gateway on ether1 to the internet. Any advice? I tried adding a route to the gateway, no luck.
mar/25/2014 20:10:49 by RouterOS 6.10
software id = EGTR-SSYQ
/interface ethernet
set [ find default-name=ether1 ] speed=1Gbps
set [ find default-name=ether2 ] speed=1Gbps
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
add dns-name=hotspot.westernreservepublicmedia.org hotspot-address=
192.168.13.20 login-by=http-chap name=hsprof1 nas-port-type=ethernet
use-radius=yes
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m
mac-cookie-timeout=3d shared-users=100
/ip pool
add name=hs-pool-2 ranges=192.168.13.21-192.168.13.254
/ip dhcp-server
add address-pool=hs-pool-2 disabled=no interface=ether2 lease-time=1h name=
dhcp1
/ip hotspot
add address-pool=hs-pool-2 disabled=no interface=ether2 name=hotspot1
profile=hsprof1
/port
set 0 name=serial0
/tool user-manager customer
add backup-allowed=yes disabled=no login=adennis password=*******
paypal-accept-pending=no paypal-allowed=no paypal-secure-response=no
permissions=owner signup-allowed=no time-zone=-00:00
add backup-allowed=yes disabled=no login=HSAdmin parent=admin password=*****
paypal-accept-pending=no paypal-allowed=no paypal-secure-response=no
permissions=full signup-allowed=no time-zone=-00:00
/tool user-manager profile
add name=Guest name-for-users=Guest override-shared-users=unlimited owner=
admin price=0 starts-at=logon validity=0s
/tool user-manager profile limitation
add address-list="" download-limit=0B group-name="" ip-pool="" name=Guest
rate-limit-min-rx=5242880B rate-limit-min-tx=524288B rate-limit-rx=
5242880B rate-limit-tx=524288B transfer-limit=0B upload-limit=0B
uptime-limit=0s
/ip address
add address=192.168.13.20/24 interface=ether2 network=192.168.13.0
/ip dhcp-client
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no
interface=ether1
/ip dhcp-server network
add address=192.168.13.0/24 comment="hotspot network" gateway=192.168.13.20
/ip dns
set allow-remote-requests=yes servers=192.168.10.109,192.168.10.52
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=
"place hotspot rules here" disabled=yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=
"place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat comment="masquerade hotspot network"
src-address=192.168.13.0/24
/ip upnp
set allow-disable-external-interface=no
/radius
add address=127.0.0.1 secret=*********** service=hotspot timeout=3s
/system identity
set name=WesternReservePublicMedia_1
/system lcd
set contrast=0 enabled=no port=parallel type=24x4
/system lcd page
set time disabled=yes display-time=5s
set resources disabled=yes display-time=5s
set uptime disabled=yes display-time=5s
set packets disabled=yes display-time=5s
set bits disabled=yes display-time=5s
set version disabled=yes display-time=5s
set identity disabled=yes display-time=5s
set ether1 disabled=yes display-time=5s
set ether2 disabled=yes display-time=5s
set ether3 disabled=yes display-time=5s
/system ntp client
set enabled=yes primary-ntp=70.33.227.188 secondary-ntp=173.230.158.30
/tool user-manager profile profile-limitation
add from-time=0s limitation=Guest profile=Guest till-time=23h59m59s weekdays=
sunday,monday,tuesday,wednesday,thursday,friday,saturday
/tool user-manager router
add coa-port=1700 customer=admin disabled=no ip-address=127.0.0.1 log=
auth-ok,auth-fail,acct-ok,acct-fail name=WesternReservePublicMedia_1
shared-secret=wrpm4549secret use-coa=no
/tool user-manager user
add customer=admin disabled=no name=guest password=guest shared-users=
unlimited wireless-enc-algo=none wireless-enc-key="" wireless-psk=""