How do I make a highly-available AP that becomes an LTE router in case of internet downtime?

In the house there is a main Mikrotik router and a few (Ubiquiti) wireless access points. In one room there is a “Mikrotik Chateau 12” router set up as a wireless access point.

I added a SIM card to that “Chateau” router and now I want to make it a highly available wireless access point that turns into a router if the main router or the main router’s internet goes down. This means setting up firewall rules, a DHCP server and NAT. The reason why I am not setting up NAT and firewall rules right away (so it would be very straightforward) is that I would like to keep the UPNP functionality of the main router accessible to the computers, so online games can make use of upnp.

What are my options? Or is a script the only way to go? Could someone point me in the right direction?

Difficult to be specific without actual IP addresses. But let’s assume your main router is .1 and your Chateau is .2 on the same subnet. Default gateway for your devices is .1 so your main router is the decision making point.

  • On Chateau, make sure it has a default route to the Internet via LTE. If you have more than one internal subnet you will need to add routes to the Chateau for these, via the main router .1. Possibly these could be summarised.
  • You need firewall and NAT configured on the Chateau but only for traffic going to/from the LTE. That means it won’t interfere with normal operation where the Chateau is acting as an AP.
  • Main router, set default route via the Chateau with a higher distance than the existing default route via your normal main Internet.
  • Main router, configure your normal default routes as “recursive” via one or more test IP addresses on the Internet. Ideally these would be related to your normal ISP, and it’s the loss of connectivity to these addresses that triggers failover.

There’s plenty of information about WAN failover and recursive routes, we can be more specific if you give details of exactly what you have configured at the moment.

Another possibility might be VRRP, where the Chateau and main router share the virtual IP address; in this configuration the Chateau will take over as default gateway if the main router fails. But you still need the routing failover to deal with your main Internet failing but the router remaining alive.
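The four steps from the answer above, written out as a RouterOS 7 configuration. This is an added example, not part of the original posts. The LAN 192.168.88.0/24 (main router .1, Chateau .2), the interface names `lte1` and `bridge`, the extra subnet 192.168.99.0/24, the ISP gateway 203.0.113.1 and the probe address 198.51.100.10 are all assumed placeholders.

```routeros
# ---------- Chateau (assumed 192.168.88.2): stays a bridged AP ----------
# Interface lists (skip the two "add name=" lines if WAN/LAN already exist)
/interface list
add name=WAN
add name=LAN
/interface list member
add list=WAN interface=lte1
add list=LAN interface=bridge

# NAT only for traffic leaving via LTE; bridged AP traffic never matches
/ip firewall nat
add chain=srcnat out-interface-list=WAN action=masquerade

# Filter rules scoped to the LTE side: nothing unsolicited from the mobile network
/ip firewall filter
add chain=input connection-state=established,related action=accept
add chain=input in-interface-list=WAN action=drop
add chain=forward connection-state=established,related action=accept
add chain=forward in-interface-list=WAN connection-nat-state=!dstnat action=drop

# Default route via LTE is normally installed by the LTE APN profile
# (add-default-route=yes). Other internal subnets go back via the main router:
/ip route
add dst-address=192.168.99.0/24 gateway=192.168.88.1

# ---------- Main router (assumed 192.168.88.1) ----------
/ip route
# Host route pins the probe address to the normal ISP gateway
add dst-address=198.51.100.10/32 gateway=203.0.113.1 scope=10
# Primary default route, resolved recursively through the probe address;
# it goes inactive when the probe stops answering pings
add dst-address=0.0.0.0/0 gateway=198.51.100.10 check-gateway=ping distance=1 target-scope=11
# Backup default route via the Chateau, higher distance so it is used only on failover
add dst-address=0.0.0.0/0 gateway=192.168.88.2 distance=2
```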

I see your point, use the Chateau as a gateway (without NAT) to the main router. It makes sense, but then how about upnp? It works on the first router/gateway, doesn’t it?

I have currently bridged all of the Chateau’s Ethernet ports and wireless interfaces, so as I said the Chateau is only an access point now.

Using the term gateway in a general sense yes. Have the wireless and any Ethernets all in one Bridge, Interface List “LAN”. Only the LTE would be in list “WAN” so NAT and firewall won’t affect traffic between wireless and Ethernet.

upnp isn’t something I use, but if I understand it correctly you’re using this to “register” internal devices so they can be reached from the Internet. Is that roughly correct? No static port forwarding configuration. I think if that’s the case you enable it on the Chateau as well.

As a first step once you have Internet, Firewall and NAT on your Chateau - try configuring a test route on your main router with the Chateau as the gateway. Check that this works.

Hi,
I am a newbie at this, so can someone please confirm/advise whether all I need to do to make chateau12 an access point only is a bridge configuration, with a wireless internet ISP connection on another device, a Quectel EP06-E Category 6 modem?
Many thanks in advance.

wolfbarn, start your own thread if you have questions…

As to the OP, check out VRRP and seamless transitions…
FROM SINDY - The good news is that it is part of RouterOS 7 scope:

```
[me@myTik] > interface/vrrp/export
# jan/12/2022 19:30:52 by RouterOS 7.2rc1
# software id =
/interface vrrp
add interface=eoip1 name=vrrp1 preemption-mode=no priority=200 sync-connection-tracking=yes
```

The bad news is that as of now (7.2.rc1), it still doesn’t seem to actually synchronize the tracked connections (at least between the two of my lab CHRs), although the relevant data flow can be seen.
https://www.youtube.com/watch?v=8Naia0_ELww