I have used RouterOS in the past and have had no issues, but now I can not route from LAN to Internet. From the router I can ping an internet address. From a client, I can ping the LAN address but not the WAN address.
I have setup NAT masquerade and my ISP is handing me a default route. Here is the pertinent config sections:

/interface ethernet
set 0 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
“” disabled=no full-duplex=yes l2mtu=1518 mac-address=00:0C:42:19:2D:D3
master-port=none mtu=1500 name=“HiWAAY DSL” speed=100Mbps
set 1 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
“” disabled=no full-duplex=yes l2mtu=1518 mac-address=00:0C:42:19:2D:D4
master-port=none mtu=1500 name=“GUR LAN” speed=100Mbps

/interface pppoe-client
add ac-name=“” add-default-route=yes allow=pap,chap,mschap1,mschap2 comment=
“” dial-on-demand=no disabled=no interface=“HiWAAY DSL” max-mru=1480
max-mtu=1480 mrru=disabled name=“HiWAAY PPPoE” password=**********
profile=default service-name=“” use-peer-dns=yes user=
******@dsl.hiwaay.net

/ip firewall nat
add action=masquerade chain=srcnat comment=“” disabled=no src-address=
172.16.16.48
add action=masquerade chain=srcnat comment=“” disabled=no out-interface=
“HiWAAY PPPoE”

/ip route
add comment=“” disabled=no distance=1 dst-address=172.16.16.49/32 gateway=
“GUR LAN”

Please help! I am converting back to RouterOS from Juniper and this is driving me crazy!!!

I think the out-interface on the masquerade should be “HiWAAY DSL”. The “HiWAAY PPPoE” is the name assigned to the pppoe, not the interface.

The “/ip route” entry should be
/ip route
add gateway=172.16.16.49

No dst-address entry there! Or use dst-address=0.0.0.0/0

First, thank you for your reply.

I tried each one of your suggestions individually and together and it did not work.

I am at a loss…

You can ping remote ips from the router, but not from clients on the localnet? How does the localnet clients get their ip/subnet/gateway/dns? Static or dhcp?

DHCP

What ip/subnet/gateway is being issued? Is the gateway issued the same ip that is assigned to that interface in “/ip address”? Check on the client in question.

Yes, DHCP is providing valid IP’s/DNS/Gateway info to the clients. I verified by the ipconfig /all command within the Windows command line.

Thanks again for your help. It is most appreciated.

OK! Then you can ping that localnet gateway from the client. Can you ping the ip address of the wan interface? If it is DHCP, look for a dynamic assignment in “/ip address” for interface “HiWAAY DSL”.

I can ping the LAN interface from the client but not the WAN interface.

I have a static public IP and I can ping other public IP’s, but only from the router.

This seems to be a problem with routing from the LAN to the WAN…

I would try this:

/ip firwall nat
add chain=srcnat action=masquerade out-interface=“HiWAAY DSL”

Then remove those other srcnat rules. Try the ping to the wan ip again. Until you get that, the localnet won’t be able to go through the router.

If you don’t mind, or can change the public ip to xx.xx.xx.xx/24, please post “/ip address” and “/ip route”.

I’ll try this when I get home tonight. It seems as though I have already tried changing the interface to the HiWAAY and not the PPPoE…

The interface assigned your public ip determines what interface to use on the masquerade. Insure there is only one ip assigned to “HiWAAY DSL” in “/ip address”.

ADD: Insure there is no 192.168.88.1/24 assignment there. That is “stock” on all but the RB7xx routers.

This doesn’t mean you can’t assign more than one ip to the wan interface, but you can’t with masquerade. You must use “action=src-nat” and specify “to-addresses=xx.xx.xx.xx”
xx.xx.xx.xx is the ip (one of the multiple assigned to that interface) you want to “masquerade” as.

There is only a single IP addy on the WAN interface. I’ll post my whole config tonight.

If you block out your public ip with x’s, only the first three please. Leave the last octet intact along with the netmask. I’ll watch for your reply.

OK. Here is my config. I compared it to my old, working config from last year and the NAT config used the PPPoE interface and not the physical interface, but I tried both to no avail.

Thanks again for your help. I have been going crazy over this. I work for an ISP and I have a many years experience with Cisco & Juniper routers. I also used to program Mikrotik routers in the past, so I ain’t an idiot (though I feel like one now!).

[admin@MikroTik] > export

jan/02/1970 00:18:05 by RouterOS 3.30

software id = Z56K-SU07

/interface bridge
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes
comment=“” disabled=no forward-delay=15s l2mtu=65535 max-message-age=20s
mtu=1500 name=“AP Bridge” priority=0x8000 protocol-mode=none
transmit-hold-count=6
/interface ethernet
set 0 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
“” disabled=no full-duplex=yes l2mtu=1518 mac-address=00:0C:42:19:2D:D3
master-port=none mtu=1500 name=“HiWAAY DSL” speed=100Mbps
set 1 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
“” disabled=no full-duplex=yes l2mtu=1518 mac-address=00:0C:42:19:2D:D4
master-port=none mtu=1500 name=“GUR LAN” speed=100Mbps
set 2 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
“” disabled=no full-duplex=yes l2mtu=1518 mac-address=00:0C:42:19:2D:D5
master-port=“GUR LAN” mtu=1500 name=ether3 speed=100Mbps
set 3 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
“” disabled=no full-duplex=yes l2mtu=1518 mac-address=00:0C:42:19:2D:D6
master-port=“GUR LAN” mtu=1500 name=ether4 speed=100Mbps
set 4 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
“” disabled=no full-duplex=yes l2mtu=1518 mac-address=00:0C:42:19:2D:D7
master-port=“GUR LAN” mtu=1500 name=ether5 speed=100Mbps
set 5 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
“” disabled=no full-duplex=yes l2mtu=1514 mac-address=00:0C:42:19:2D:D8
master-port=none mtu=1500 name=ether6 speed=100Mbps
set 6 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
“” disabled=no full-duplex=yes l2mtu=1514 mac-address=00:0C:42:19:2D:D9
master-port=none mtu=1500 name=ether7 speed=100Mbps
set 7 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
“” disabled=no full-duplex=yes l2mtu=1514 mac-address=00:0C:42:19:2D:DA
master-port=none mtu=1500 name=ether8 speed=100Mbps
set 8 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
“” disabled=no full-duplex=yes l2mtu=1514 mac-address=00:0C:42:19:2D:DB
master-port=none mtu=1500 name=ether9 speed=100Mbps
/interface wireless security-profiles
set default authentication-types=“” eap-methods=passthrough group-ciphers=“”
group-key-update=5m interim-update=0s mode=none name=default
radius-eap-accounting=no radius-mac-accounting=no
radius-mac-authentication=no radius-mac-caching=disabled
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username
static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=
none static-key-0=“” static-key-1=“” static-key-2=“” static-key-3=“”
static-sta-private-algo=none static-sta-private-key=“”
static-transmit-key=key-0 supplicant-identity=MikroTik tls-certificate=
none tls-mode=no-certificates unicast-ciphers=“” wpa-pre-shared-key=“”
wpa2-pre-shared-key=“”
/interface wireless
set 0 ack-timeout=dynamic adaptive-noise-immunity=none allow-sharedkey=no
antenna-gain=0 antenna-mode=ant-a area=“” arp=enabled band=2.4ghz-b
basic-rates-a/g=6Mbps basic-rates-b=1Mbps burst-time=disabled comment=“”
compression=no country=no_country_set default-ap-tx-limit=0
default-authentication=yes default-client-tx-limit=0 default-forwarding=
yes dfs-mode=none disable-running-check=no disabled=yes
disconnect-timeout=3s frame-lifetime=0 frequency=2412 frequency-mode=
manual-txpower hide-ssid=no hw-retries=4 mac-address=00:80:48:51:F2:76
max-station-count=2007 mode=station mtu=1500 name=wlan1
noise-floor-threshold=default on-fail-retry-time=100ms
periodic-calibration=default periodic-calibration-interval=60
preamble-mode=both proprietary-extensions=post-2.9.25 radio-name=
00804851F276 rate-set=default scan-list=default security-profile=default
ssid=MikroTik station-bridge-clone-mac=00:00:00:00:00:00
supported-rates-a/g=6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps
supported-rates-b=1Mbps,2Mbps,5.5Mbps,11Mbps tx-power-mode=default
update-stats-interval=disabled wds-cost-range=50-150 wds-default-bridge=
none wds-default-cost=100 wds-ignore-ssid=no wds-mode=disabled
wmm-support=disabled
/interface wireless manual-tx-power-table
set wlan1 comment=“” manual-tx-powers=“1Mbps:17,2Mbps:17,5.5Mbps:17,11Mbps:17,
6Mbps:17,9Mbps:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,54Mbps
:17,HT20-1:17,HT20-2:17,HT20-3:17,HT20-4:17,HT20-5:17,HT20-6:17,HT20-7:17,
HT20-8:17,HT40-1:17,HT40-2:17,HT40-3:17,HT40-4:17,HT40-5:17,HT40-6:17,HT40
-7:17,HT40-8:17”
/interface wireless nstreme
set wlan1 comment=“” disable-csma=no enable-nstreme=no enable-polling=yes
framer-limit=3200 framer-policy=none
/ip hotspot profile
set default dns-name=“” hotspot-address=0.0.0.0 html-directory=hotspot
http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap
name=default rate-limit=“” smtp-server=0.0.0.0 split-user-domain=no
use-radius=no
/ip hotspot user profile
set default idle-timeout=none keepalive-timeout=2m name=default shared-users=
1 status-autorefresh=1m transparent-proxy=no
/ip ipsec proposal
set default auth-algorithms=sha1 disabled=no enc-algorithms=3des lifetime=30m
name=default pfs-group=modp1024
/ip pool
add name=dhcp-pool-1 ranges=172.16.16.51-172.16.16.62
/ip dhcp-server
add add-arp=yes address-pool=dhcp-pool-1 authoritative=after-2sec-delay
bootp-support=static disabled=no interface=“GUR LAN” lease-time=3d name=
“LAN DHCP”
/port
set 0 baud-rate=auto data-bits=8 flow-control=none name=serial0 parity=none
stop-bits=1
/ppp profile
set default change-tcp-mss=yes comment=“” name=default only-one=default
use-compression=default use-encryption=default use-vj-compression=default
add change-tcp-mss=default comment=“added by setup” name=pppoe-client-default
only-one=default use-compression=default use-encryption=default
use-vj-compression=default
set default-encryption change-tcp-mss=yes comment=“” name=default-encryption
only-one=default use-compression=default use-encryption=yes
use-vj-compression=default
/interface pppoe-client
add ac-name=“” add-default-route=yes allow=pap,chap,mschap1,mschap2 comment=
“” dial-on-demand=no disabled=no interface=“HiWAAY DSL” max-mru=1480
max-mtu=1480 mrru=disabled name=“HiWAAY PPPoE” password=XXXXXXXX
profile=default service-name=“” use-peer-dns=yes user=
xxxxxxxxx
/queue type
set default kind=pfifo name=default pfifo-limit=50
set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
set wireless-default kind=sfq name=wireless-default sfq-allot=1514
sfq-perturb=5
set synchronous-default kind=red name=synchronous-default red-avg-packet=1000
red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=
5
set default-small kind=pfifo name=default-small pfifo-limit=10
/routing bgp instance
set default as=65530 client-to-client-reflection=yes comment=“” disabled=no
ignore-as-path-len=no name=default out-filter=“” redistribute-connected=
no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no
redistribute-static=no router-id=0.0.0.0
/routing ospf area
set backbone area-id=0.0.0.0 authentication=none disabled=no name=backbone
type=default
/snmp
set contact=“” enabled=no engine-boots=0 engine-id=“” location=“”
time-window=15 trap-sink=0.0.0.0 trap-version=1
/snmp community
set public address=0.0.0.0/0 authentication-password=“”
authentication-protocol=MD5 encryption-password=“” encryption-protocol=
DES name=public read-access=yes security=none write-access=no
/system logging action
set memory memory-lines=100 memory-stop-on-full=no name=memory target=memory
set disk disk-file-count=2 disk-file-name=log disk-lines-per-file=100
disk-stop-on-full=no name=disk target=disk
set echo name=echo remember=yes target=echo
set remote bsd-syslog=no name=remote remote=0.0.0.0:514 src-address=0.0.0.0
syslog-facility=daemon syslog-severity=auto target=remote
/system routerboard settings
set baud-rate=9600 boot-delay=2s boot-device=nand-if-fail-then-ethernet
boot-protocol=bootp cpu-frequency=175MHz cpu-mode=power-save
enable-jumper-reset=yes enter-setup-on=any-key force-backup-booter=no
set baud-rate=9600 boot-delay=2s boot-device=nand-if-fail-then-ethernet
boot-protocol=bootp cpu-frequency=175MHz cpu-mode=power-save
enable-jumper-reset=yes enter-setup-on=any-key force-backup-booter=no
/user group
add comment=“” name=read policy=“local,telnet,ssh,reboot,read,test,winbox,pass
word,web,sniff,sensitive,!ftp,!write,!policy”
add comment=“” name=write policy=“local,telnet,ssh,reboot,read,write,test,winb
ox,password,web,sniff,sensitive,!ftp,!policy”
add comment=“” name=full policy=“local,telnet,ssh,ftp,reboot,read,write,policy
,test,winbox,password,web,sniff,sensitive”
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=
no
/interface ethernet mirror
set mirror-port=none source-port=none
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=
default-encryption enabled=no max-mru=1460 max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=
default enabled=no keepalive-timeout=60 mac-address=FE:CD:D5:66:55:8A
max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption
enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=
00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300
frames-per-second=25 receive-all=no ssid-all=no
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name=“” memory-limit=10
multiple-channels=no only-headers=no receive-errors=no streaming-enabled=
no streaming-max-rate=0 streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=xxx.xxx.xxx.82/24 broadcast=xxx.xxx.xxx.255 comment=
“added by setup” disabled=no interface=“HiWAAY DSL” network=xxx.xxx.xxx.0
add address=172.16.16.49/28 broadcast=172.16.16.63 comment=“added by setup”
disabled=no interface=“GUR LAN” network=172.16.16.48
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=172.16.16.48/28 comment=“added by setup” dns-server=
216.180.122.2,216.180.99.2,8.8.4.4 gateway=172.16.16.49 netmask=28
ntp-server=17.254.0.28
/ip dns
set allow-remote-requests=no cache-max-ttl=1w cache-size=2048KiB
max-udp-packet-size=512 primary-dns=216.180.122.2 secondary-dns=
216.180.99.2
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s
tcp-close-wait-timeout=10s tcp-established-timeout=1d
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall nat
add action=masquerade chain=srcnat comment=“” disabled=yes src-address=
172.16.16.48
add action=masquerade chain=srcnat comment=“” disabled=no out-interface=
“HiWAAY PPPoE”
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
/ip hotspot service-port
set ftp disabled=no ports=21
/ip neighbor discovery
set “HiWAAY DSL” discover=yes
set “GUR LAN” discover=yes
set ether3 discover=yes
set ether4 discover=yes
set ether5 discover=yes
set ether6 discover=yes
set ether7 discover=yes
set ether8 discover=yes
set ether9 discover=yes
set wlan1 discover=no
set “HiWAAY PPPoE” discover=no
set “AP Bridge” discover=yes
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4
cache-on-disk=no enabled=no max-cache-size=none max-client-connections=
600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0
parent-proxy-port=0 port=8080 serialize-connections=no src-address=
0.0.0.0
/ip route
add comment=“” disabled=no distance=1 dst-address=172.16.16.49/32 gateway=
“GUR LAN”
/ip service
set telnet address=0.0.0.0/0 disabled=no port=23
set ftp address=0.0.0.0/0 disabled=no port=21
set www address=0.0.0.0/0 disabled=no port=80
set ssh address=0.0.0.0/0 disabled=no port=22
set www-ssl address=0.0.0.0/0 certificate=none disabled=yes port=443
set api address=0.0.0.0/0 disabled=yes port=8728
set winbox address=0.0.0.0/0 disabled=no port=8291
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no
inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes
/ppp aaa
set accounting=yes interim-update=0s use-radius=no
/queue interface
set “HiWAAY DSL” queue=ethernet-default
set “GUR LAN” queue=ethernet-default
set ether3 queue=ethernet-default
set ether4 queue=ethernet-default
set ether5 queue=ethernet-default
set ether6 queue=ethernet-default
set ether7 queue=ethernet-default
set ether8 queue=ethernet-default
set ether9 queue=ethernet-default
set wlan1 queue=wireless-default
set “HiWAAY PPPoE” queue=default
set “AP Bridge” queue=default
/radius incoming
set accept=no port=3799
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m
gateway-selection=no-gateway origination-interval=5s preferred-gateway=
0.0.0.0 timeout=1m ttl=50
/routing ospf
set distribute-default=never metric-bgp=20 metric-connected=20
metric-default=1 metric-rip=20 metric-static=20 mpls-te-area=unspecified
mpls-te-router-id=unspecified redistribute-bgp=no redistribute-connected=
no redistribute-rip=no redistribute-static=no router-id=0.0.0.0
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1
metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no
redistribute-connected=no redistribute-ospf=no redistribute-static=no
timeout-timer=3m update-timer=30s
/store
add comment=“” disabled=no disk=system name=web-proxy1 type=web-proxy
/system clock
set time-zone-name=manual
/system clock manual
set dst-delta=+00:00 dst-end=“jan/01/1970 00:00:00” dst-start=
“jan/01/1970 00:00:00” time-zone=+00:00
/system console
add disabled=no port=serial0 term=vt102
/system health
set
/system identity
set name=MikroTik
/system logging
add action=memory disabled=no prefix=“” topics=info
add action=memory disabled=no prefix=“” topics=error
add action=memory disabled=no prefix=“” topics=warning
add action=echo disabled=no prefix=“” topics=critical
/system note
set note=“” show-at-login=yes
/system ntp client
set enabled=no mode=broadcast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=
0.0.0.0 user=“”
/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=
none watchdog-timer=yes
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=
100
/tool e-mail
set from=<> password=“” server=0.0.0.0:25 username=“”
/tool graphing
set page-refresh=300 store-every=5min
/tool mac-server
add disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool sms
set allowed-number=“” channel=0 keep-max-sms=0 receive-enabled=no secret=“”
/tool sniffer
set file-limit=10 file-name=“” filter-address1=0.0.0.0/0:0-65535
filter-address2=0.0.0.0/0:0-65535 filter-protocol=ip-only filter-stream=
yes interface=all memory-limit=10 only-headers=no streaming-enabled=no
streaming-server=0.0.0.0
/user aaa
set accounting=yes default-group=read interim-update=0s use-radius=no
[admin@MikroTik] >

/ip route
add comment=“” disabled=no distance=1 dst-address=172.16.16.49/32 gateway=“GUR LAN”

I don’t understand this one. The gateway is normally an ip address. ??? And it has the wrong subnet mask for that network. If you entered this, I recommend removing it.

I think there should also be this:
add dst-address=0.0.0.0/0 gateway=xx.xx.xx.1
I presume the gateway for your public net issued by your ISP is xx.xx.xx.1 since the netmask was /24. That is normal. If they issued you another gateway, use it instead.

Can you show me the output of “/ip route print”? Then I can see more detailed info about the routes. Here is mine from a test router assigned public ip xx.xx.xx.119/27 with a gateway xx.xx.xx.97:

[admin@test] /ip route> print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
 #      DST-ADDRESS        PREF-SRC        GATEWAY-STATE GATEWAY            DISTANCE INTERFACE
 0 A S  0.0.0.0/0                          reachable     xx.xx.xx.97        1        ether1
 1 ADC  xx.xx.xx.96/27     xx.xx.xx.119                                     0        ether1
 2 ADC  192.168.0.0/24     192.168.0.1                                      0        wlan1
 3 ADC  192.168.1.0/24     192.168.1.1                                      0        ether2

I’ll check tonight and post the results…

I also tried this on a RB433 (the 1st is a RB192) and got the same results.

I like puzzles, but this one is just crazy!

The 0.0.0.0/0 entry is added automatically when PPPoE logs in. It uses the PPPoE interface. My old config (from a year ago) did this too.

[admin@MikroTik] /ip route> print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit

DST-ADDRESS PREF-SRC G GATEWAY DISTANCE IN..

0 ADS 0.0.0.0/0 r x.x.x.254 1 HiWAYY PPPoE
1 ADC 172.16.16.48/28 172.16.16.49 0 et..
2 ADC xxx.xxx.xxx.0/24 xxx.xxx.xxx.82 0 et..
3 ADC xxx.xxx.xxx.xxx/32 xxx.xxx.xxx.82 0 Hi..
[admin@MikroTik] /ip route>

HELP! I wanna use Mikrotik as my router. I hate this Juniper I have running now.

Thank you so much for your time.

Something interesting:
While logged into the console, I used traceroute to 8.8.4.4 (Google DNS):

traceroute 8.8.4.4 src-address=172.16.16.49 and it works. 172.16.16.49 is the IP of ether2
traceroute 8.8.4.4 src-address=172.16.16.50 does NOT work. Nor does it work for 172.16.16.51 - 172.16.16.62

Whats up???

You can only traceroute from IPs that you actually have put on router interfaces.