Invalid DHCP server

alberto464 · June 14, 2022, 7:30pm

Hi, I’m trying to set up a DHCP server with IP 192.168.88.XX but when I create it via the setup wizard it tells me it’s invalid. Where am I doing wrong?

I need the DHCP server to connect those devices without static IP, which often change in the network.

# jun/14/2022 21:23:57 by RouterOS 7.3
/interface lte
set [ find ] allow-roaming=no band="" name=lte1
/interface ethernet
set [ find default-name=ether1 ] arp=proxy-arp
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
/interface lte apn
set [ find default=yes ] apn=APN authentication=pap ip-type=ipv4 name=LTE use-network-apn=no user=USERNAME
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip address
add address=192.168.88.1/24 interface=ether1 network=192.168.88.0
add address=82.134.200.140/24 interface=ether1 network=82.134.200.0
/ip dns
set servers=8.8.8.8
/ip firewall nat
add action=masquerade chain=srcnat comment="" \
    out-interface=lte1 src-address=192.168.88.0/24

rextended · June 14, 2022, 7:36pm

You do not specify what model is it, and you have deleted default config.
Simply reset to default the device and all act as intended/wanted.

alberto464 · June 14, 2022, 7:40pm

The model is: RBwAPR-2nD

Yes I have deleted the default configuration because I like to experiment and learn, for that now I am trying to implement DHCP by hand, I would like to understand where I am wrong

rextended · June 14, 2022, 7:42pm

The first error that is made, is delete the default config = delete all firewall rules.

At least, export the config like you do with /export and see how is configured the device,
and save for reference…

You can learn more from export than ask only some question on forum…

And about quick setup: if you read the forum, do not work, and if for some reason work, do not use again that a second time…

rextended · June 14, 2022, 7:49pm

/ip pool
add name=dhcp-pool ranges=192.168.88.101-192.168.88.199

/ip dhcp-server
add address-pool=dhcp-pool disabled=no lease-time=1w name=dhcp interface=ether1

/ip dhcp-server network
add address=192.168.88.0/24 dns-server=1.1.1.1,8.8.8.8 gateway=192.168.88.1 netmask=24 ntp-server=193.204.114.232,193.204.114.233

rextended · June 14, 2022, 7:51pm

Poi ci sono altri errori di configurazione, ma questa è un’altra storia…

Se non l’hai già fatto:

/interface lte firmware-upgrade lte1 upgrade=yes

e poi:

/sys clock set time-zone-autodetect=no time-zone-name=Europe/Rome
/sys ntp client set enabled=yes primary-ntp=193.204.114.232 secondary-ntp=193.204.114.233

alberto464 · June 15, 2022, 11:16am

rextended:

Poi ci sono altri errori di configurazione, ma questa è un'altra storia...

Se non l'hai già fatto:
/interface lte firmware-upgrade lte1 upgrade=yes
e poi:
/sys clock set time-zone-autodetect=no time-zone-name=Europe/Rome
/sys ntp client set enabled=yes primary-ntp=193.204.114.232 secondary-ntp=193.204.114.233

Thank you! This is a great tip that is much appreciated.

/ip pool
add name=dhcp-pool ranges=192.168.88.101-192.168.88.199

/ip dhcp-server
add address-pool=dhcp-pool disabled=no lease-time=1w name=dhcp interface=ether1

/ip dhcp-server network
add address=192.168.88.0/24 dns-server=1.1.1.1,8.8.8.8 gateway=192.168.88.1 netmask=24 ntp-server=193.204.114.232,193.204.114.233

Thank you! These commands helped me understand what are the best configurations to create a DHCP server. I also understood that I was not making a mistake, but simply the writing "Invalid" appeared in the DHCP server because I did not have a PC connected to the Ethernet port.
In fact, even with your commands the writing invalid appears if I disconnect it, why?

After configuring the DHCP server, some clients when I connect them I see that they don't get the LAN IP. If I go to the "Leases" section I see it in the "Offered" state. The client is in DHCP and even if I restart it it does not take the LAN IP.
With the default configuration of the Mikrotik it works. I tried to do a comparison with exporting the default configuration, but I can't find the error.

Ps. I saw that you speak Italian like me, if a language other than English is allowed in the forum we can easily continue in Italian.

rextended · June 15, 2022, 11:21am

Ok, repost actual config with /export and do not omit anything (remove only serial number)
censore (not delete) public IPs, e-mails, usernames and passwords.

(IT: Fammi dara un’occhiata a come è configurato ora)

alberto464 · June 15, 2022, 11:40am

Sure!

# jun/15/2022 13:37:03 by RouterOS 7.3
# software id = 3PWC-R7A2
#
# model = RBwAPR-2nD
/interface lte
set [ find ] allow-roaming=no band="" name=lte1
/interface ethernet
set [ find default-name=ether1 ] arp=proxy-arp
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
/interface lte apn
set [ find default=yes ] apn=DELETE authentication=pap ip-type=ipv4 name=APN use-network-apn=no user=DELETE
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp-pool ranges=192.168.88.101-192.168.88.199
/ip dhcp-server
add address-pool=dhcp-pool interface=ether1 name=dhcp
/ip address
add address=192.168.88.1/24 interface=ether1 network=192.168.88.0
add address=82.134.XXX.XXX/24 interface=ether1 network=82.134.XXX.0
/ip dhcp-server network
add address=192.168.88.0/24 dns-server=1.1.1.1,8.8.8.8,8.8.4.4 gateway=192.168.88.1 netmask=24 ntp-server=\
    193.204.114.232,193.204.114.233
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip firewall nat
add action=masquerade chain=srcnat comment="Navigazione Rete Lan" out-interface=lte1 src-address=192.168.88.0/24
add action=dst-nat chain=dstnat comment="Router principale" dst-port=44063 protocol=tcp to-addresses=192.168.88.2 to-ports=44063
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www address=93.175.XXX.XXX/32,192.168.88.0/24
set ssh disabled=yes
set api disabled=yes
set winbox address=93.175.XXX.XXX/32,192.168.88.0/24
set api-ssl disabled=yes
/system clock
set time-zone-name=Europe/Rome
/system ntp client
set enabled=yes
/system ntp client servers
add address=193.204.114.232
add address=193.204.114.233

(Grazie mille per l'aiuto)

rextended · June 15, 2022, 11:41am

What is the LTE modem model inside?

alberto464 · June 15, 2022, 11:48am

Not sure if this is what you are looking for. On the back label it says: R11e-LTE.
Product: RBwAPR-2nD & R11e-LTE

rextended · June 15, 2022, 11:50am

ok, is R11e-LTE,
one moment…

rextended · June 15, 2022, 11:53am

Paste this on terminal, { and } included

{
/interface bridge
add name=bri-lan protocol-mode=none

/interface bridge port
add bridge=bri-lan interface=ether1
add bridge=bri-lan interface=wlan1

/interface lte
set [ find ] band=1,3,7,20

/interface ethernet
set [ find default-name=ether1 ] arp=enabled

/ip dhcp-server
set [find] interface=bri-lan

/ip address
set [find] interface=bri-lan

/ip dns
set servers=1.1.1.1,8.8.8.8

/ip dhcp-server network
set [find] dns-server=1.1.1.1,8.8.8.8

/tool sms
set port=lte1 receive-enabled=yes
}

but remember: you are without firewall…

and for optimize wifi

/interface wireless
set [ find default-name=wlan1 ] band=2ghz-g/n distance=indoors installation=indoor \
   max-station-count=62 mode=ap-bridge radio-name="AP MikroTik" scan-list=2412-2472:5 wireless-protocol=802.11 wps-mode=disabled

mkx · June 15, 2022, 1:25pm

Because if nothing is connected to ether1, then interface is "not running" and DHCP server on non-running interface is invalid. Mostly used default config has a bridge with multiple RJ45 ports members (wireless as well if device supports that) and DHCP server is then bound to bridge interface which is (AFAIK) never "not running", so DHCP server doesn't become invalid even if none of bridge member ports is running/active/up.

alberto464 · June 15, 2022, 7:37pm

Thank you very much, I did some tests on the Firewall but I can't find the rules that are good for my case, after I will open a new thread to ask for advice explaining my use case well.

Thanks for the great explanation. Now it's clear.