ISP Modem provides Mikrotik with IP - How do I route Wifi to it?

Good day everyone

I currently have the following setup which I will talk through:

Here is what my setup looks like

• My ISP provided me with a 4G router. It is a DLink Archer MR600.
• The DLink router IP address is 192.168.1.1
• I have my own personal Mikrotik AX Lite (L41G-2axD) running Router OS 7.10.1
• When I plug the DLink into my Mikrotik (eth0), my Mikrotik gets IP 192.168.1.100 from the DLink (I made it static on the DLink so it never changes).
• I then created a WiFi network on my Mikrotik and put both the WiFi network and eth0 in the same bridge, and everything works as expected (WiFi work and all clients get IP addresses and can connect to the internet)

But, what if I want to create another WiFi network (lets call it new_wifi) on the Mikrotik with its own DHCP server (not using a bridge), how would I route the traffic from new_wifi out to eth0 so clients can have internet?

I followed this post: http://forum.mikrotik.com/t/route-ip-to-specific-gateway/128459/1 but I can’t seem to get things to work correctly. new_wifi gives out an IP address to the clients connecting to it, but it does not have internet.

Any assistance will be much appreciated.

Lets be clear.

In the first instance you were using the mikrotik more as a switch/AP no routing etc.
In the new world of which you want, it would seem you want the MT to be a wifi router.

in this case
you will need a more router like setup
NO IP DHCP client settings required
but as a minimum…
/ip address
ip address=192.168.1.100/24 interface=ether1 network=192.168.1.0

/ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1

If you want more than one subnet then consider vlans…

Thank you for the quick reply anav.
When you say “NO IP DHCP client settings required” do you mean I should disable DHCP on the dlink router and then just assign ip 192.168.1.100 to eth0 on my mikrotik?

No not at all. The dlink is suppled by the ISP and is doing its job providing you with a private IP.
Its up to you if you want to use any other ether ports on the dlink to use its lan network etc..

Personally I would use the MT as the router and set it up as you desire.
The good thing is you can forward ports from the dlink to the MT if you want to setup wireguard etc…

Can you think of any reason NOT to use the MT as the main router for your network??

Using the ISP router to give IP via DHCP makes sense. I just didn’t understand your sentence fully that is why I asked.

Your post helped me a lot, thank you! My route now actually says “connected” where it previously did not connect. Here is what I did as per your prvious post:
I assigned the address to the interface: ip address=192.168.1.100/24 interface=ether1 network=192.168.1.0
I added the route: add dst-address=0.0.0.0/0 gateway=192.168.1.1

I still dont have internet when connecting a device to the wifi_new network. If you don’t mind, can you please have a look at my config? I must be missing something so obvious.
(I want to use connection and route marking though so I can route only traffic from this wifi network via ether1. I removed the unnecessary things from the config export like unused interfaces)

[admin@MikroTik] > interface/ print 
Flags: R - RUNNING; S - SLAVE
Columns: NAME, TYPE, ACTUAL-MTU, L2MTU, MAX-L2MTU, MAC-ADDRESS
 #    NAME             TYPE    ACTUAL-MTU  L2MTU  MAX-L2MTU         
 7 R  mtn_route_test2  wifi          1500                   



[admin@MikroTik] > ip address/ print 
Columns: ADDRESS, NETWORK, INTERFACE
# ADDRESS            NETWORK       INTERFACE      
;;; defconf
0 192.168.88.1/24    192.168.88.0  bridge         
1 192.168.80.200/24  192.168.80.0  mtn_route_test2
2 192.168.1.100/24   192.168.1.0   ether1 



[admin@MikroTik] > ip dhcp-server/ print  
Columns: NAME, INTERFACE, ADDRESS-POOL, LEASE-TIME
# NAME                 INTERFACE        ADDRESS-POOL         LEASE-TIME   
1 mtn_route_test_dhcp  mtn_route_test2  mtn_route_test_pool  30m       



[admin@MikroTik] > ip dhcp-server/network/ print 
Columns: ADDRESS, GATEWAY, DNS-SERVER
# ADDRESS          GATEWAY       DNS-SERVER  
0 192.168.80.0/24  192.168.80.1  192.168.80.1



admin@MikroTik] > ip route/ print  
Flags: D - DYNAMIC; A - ACTIVE; c, s, y - BGP-MPLS-VPN
Columns: DST-ADDRESS, GATEWAY, DISTANCE
#     DST-ADDRESS      GATEWAY          DISTANCE
  DAc 192.168.1.0/24   bridge-mtn              0
  DAc 192.168.80.0/24  mtn_route_test2         0
  DAc 192.168.88.0/24  bridge                  0
0  As 0.0.0.0/0        192.168.1.1             1



[admin@MikroTik] > ip firewall/mangle/ print 
Flags: X - disabled, I - invalid; D - dynamic 
 3    chain=prerouting action=mark-connection new-connection-mark=mtn_route_test_mark passthrough=yes dst-address-type=!local in-interface=mtn_route_test2 log=no log-prefix="" 
 4    chain=prerouting action=mark-routing new-routing-mark=mtn_route_table passthrough=no connection-mark=mtn_route_test_mark in-interface=mtn_route_test2 log=no log-prefix="" 



[admin@MikroTik] > ip firewall/nat/ print 
Flags: X - disabled, I - invalid; D - dynamic 
 1    chain=srcnat action=masquerade out-interface=ether1 log=no log-prefix=""

I am happy to report that my new_wifi network is working! This is where I made my mistake:

The broken config is line 2 “192.168.80.200/24”. I changed it to “192.168.80.1/24” now it is working

0 192.168.88.1/24    192.168.88.0  bridge         
1 192.168.80.200/24  192.168.80.0  mtn_route_test2
2 192.168.1.100/24   192.168.1.0   ether1

I thought that giving the address 192.168.80.200/24 will mean that the mikrotik gateway is 192.168.80.200/24 but that is not the case. Some more reading to do about what ip/address actually does.

Thanks anav for your help!

No problem in future the way to post a config is to use the command
/export file=anynameyouwish.


Then go to files and download the file to your pc, use notepadd++ to opend it.
Remove router serial number and any public WANIP information prior to posting,.

Sweet, thanks!