Mikrotik as a switch with wifi

Hello,
I have a hAP ac lite and would like to use it in the following way:
I have a regular router (NETGEAR) with a cable modem (USA). It works as an AP in 2.4G and wired router. Everything is good except signal on the second floor and I have no way to conduct a cable there.
I also have a hAP which I want to use to solve the problem. The idea consists of two parts:

  1. I put the MikroTik somewhere in the middle, or also on the second floor but with direct line of sight to the NETGEAR. I connect the MikroTik’s WiFi to the NETGEAR as a regular client. Everything else on the second floor I connect through ethernet to the MikroTik. I’d like to have a common subnet so that everyone connected directly to the NETGEAR has access to everyone connected to the MikroTik. The DHCP server is also on the NETGEAR only.
  2. Also I’d like to have the same access if someone is connected to the MikroTik’s 5G as to an AP on the second floor. Just a transparent network: everyone has access to everyone and the same subnet.

What I have done.
I read that the MikroTik needs to be in a simple switch mode.

  1. I updated to the most recent FW, reset its config, it’s totally clean and no default config. I decided to have the first step done yet and just disabled 5G.
  2. I put all interfaces under one bridge.
  3. I made 2.4G a station and connected it to my NETGEAR, providing the credentials.
  4. I set up DHCP client for the bridge.
  5. No NAT, no firewall

This setup works… unstable, I would say. The issue is that just a few times I had an IP address issued by the DHCP server; most of the time the DHCP client is searching. But when it was issued, the MikroTik had access to the NETGEAR and the internet. But no one connected to the MikroTik through a cable had access to anywhere other than the MikroTik. Even if I set up IP addresses on the MikroTik’s clients manually - no access to the internet.
So two issues:

  • something wrong with IP address lease
  • no access from clients connected to Mikrotik

I assumed something is wrong with the WiFi connection (definitely not signal power, as these tests have been done close to the NETGEAR). I eliminated WiFi and connected the MikroTik to the NETGEAR through a cable. No issues with IP leasing, and the MikroTik’s clients have internet access as well. Just a regular wired switch.

Config:

/interface bridge
add fast-forward=no name=bridge1 protocol-mode=none
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n frequency=2422 name=wlan2.4 \
    ssid=NETGEAR48
set [ find default-name=wlan2 ] band=5ghz-n/ac mode=ap-bridge name=wlan5 ssid=\
    MikroTik
/interface list
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" mode=\
    dynamic-keys supplicant-identity=MikroTik wpa2-pre-shared-key=mypassword
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/interface bridge port
add bridge=bridge1 interface=LAN
/interface list member
add interface=ether1 list=LAN
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=ether5 list=LAN
add interface=wlan5 list=LAN
add interface=wlan2.4 list=LAN
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=bridge1
/system clock
set time-zone-name=America/Los_Angeles
/system routerboard settings
set silent-boot=no

Questions:

  1. How to allow connection from the MikroTik’s wired clients if the MikroTik is connected through WiFi?
  2. What’s wrong with my WiFi connection? I have a very unstable DHCP client?
  3. How to implement step #2? The MikroTik should be a 5G AP and transparent to the others.

Thanks

Try this

/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n frequency=2422 name=wlan2.4 \
ssid=NETGEAR48 mode=station-pseudobridge

I have posted a config here where the MT is just a switch with wifi and gets its IP as a DHCP client.
http://forum.mikrotik.com/t/simple-switch-and-wifi-ap-no-dhcp-no-nat/124364/1

I think your setup has WLAN as an AP not as a client to another AP like I want.

No, pseudobridge didn’t help.

Seems like something is wrong with wireless connection. When I turn wlan5 on I do see in a few seconds connection in Registration tab of wireless window in WinBox. And now seems like it leases IP through DHCP more often. And this DHCP is correct: it’s from my subnet and I do see it in the list of attached devices on my main router.
But! I can’t even ping my router from the MikroTik, I think before I could :open_mouth: And I can’t make a MAC ping.
That is strange. On the one hand, no ping, but an IP address is leased, which means there are data transactions.
How can i debug it?

Amazing. I can connect to the MikroTik from another computer in the same network through WiFi; before, I could do it only with a wired connection directly to the MikroTik. But I can do that only in MAC connection mode in WinBox. Nothing related to the IP level works. Maybe that’s a clue? But not for me.

Both solutions use NAT, so your Wifi only sees the MT router and not any client hidden behind it.

This will connect to a wifi network and share it out both on wifi and on the switch ports.
External Wifi in this test is Guestnett no security
Inside Wifi ssid:Inside wpa2 ssid:Test1234

/interface bridge
add fast-forward=no name=bridge-internal
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk eap-methods="" management-protection=allowed mode=dynamic-keys name=Test1234 supplicant-identity="" wpa2-pre-shared-key=Test1234
/interface wireless
set [ find default-name=wlan1 ] disabled=no mode=ap-bridge security-profile=Test1234 ssid=Inside
add disabled=no keepalive-frames=disabled mac-address=4E:5E:0C:90:87:D6 master-interface=wlan1 mode=station multicast-buffering=disabled name=wlan2-external ssid=Guestnett wds-cost-range=0 \
    wds-default-cost=0 wps-mode=disabled
/ip pool
add name=dhcp_pool0 ranges=192.168.88.20-192.168.88.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=bridge-internal name=dhcp1
/interface bridge port
add bridge=bridge-internal interface=ether1
add bridge=bridge-internal interface=ether2
add bridge=bridge-internal interface=ether3
add bridge=bridge-internal interface=ether4
add bridge=bridge-internal interface=wlan1
/ip address
add address=192.168.88.1/24 interface=bridge-internal network=192.168.88.0
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=wlan2-external
/ip dhcp-server network
add address=192.168.88.0/24 dns-server=192.168.88.1 gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface=wlan2-external

Here is the same setup, except this does connect to an encrypted network.
External Wifi in this test is Work wpa2 ssid:Secret1
Inside Wifi ssid:Inside wpa2 ssid:Test1234

/interface bridge
add fast-forward=no name=bridge-internal
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk eap-methods="" management-protection=allowed mode=dynamic-keys name=Test1234 supplicant-identity="" wpa2-pre-shared-key=Test1234
add authentication-types=wpa2-psk eap-methods="" management-protection=allowed mode=dynamic-keys name=Outside supplicant-identity="" wpa2-pre-shared-key=Secret1
/interface wireless
set [ find default-name=wlan1 ] disabled=no mode=ap-bridge security-profile=Test1234 ssid=Inside
add disabled=no keepalive-frames=disabled mac-address=4E:5E:0C:90:87:D6 master-interface=wlan1 mode=station multicast-buffering=disabled name=wlan2-external security-profile=Outside ssid=Work \
    wds-cost-range=0 wds-default-cost=0 wps-mode=disabled
/ip pool
add name=dhcp_pool0 ranges=192.168.88.20-192.168.88.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=bridge-internal name=dhcp1
/interface bridge port
add bridge=bridge-internal interface=ether1
add bridge=bridge-internal interface=ether2
add bridge=bridge-internal interface=ether3
add bridge=bridge-internal interface=ether4
add bridge=bridge-internal interface=wlan1
/ip address
add address=192.168.88.1/24 interface=bridge-internal network=192.168.88.0
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=wlan2-external
/ip dhcp-server network
add address=192.168.88.0/24 dns-server=192.168.88.1 gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface=wlan2-external

Here is how it looks in a block diagram.
Wifi-Wifi-Bridge-Simple.jpg
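
An added example, not part of the post above and not MikroTik tooling: both NAT configs masquerade out of `wlan2-external`, enable `allow-remote-requests=yes` and contain no `/ip firewall filter` section, so the router's own services, DNS resolver included, answer on the uplink network. The sketch below parses an export and flags that, plus short passphrases; the function names, the finding labels and the 12-character threshold are assumptions, and the sample export is constructed from the posted one.

```python
import re
import shlex

# Constructed sample: a trimmed export modelled on the NAT setup posted above.
SAMPLE = r"""
/interface wireless security-profiles
add authentication-types=wpa2-psk mode=dynamic-keys name=Test1234 \
    wpa2-pre-shared-key=Test1234
/interface wireless
add master-interface=wlan1 mode=station name=wlan2-external ssid=Guestnett
/ip dns
set allow-remote-requests=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface=wlan2-external
"""
MIN_PSK_LEN = 12  # assumption: local policy; WPA2 itself only requires 8

def parse_export(text):
    """Return (menu, params) for every command in a RouterOS export."""
    text = re.sub(r"\\\n\s*", "", text)  # undo backslash line continuations
    menu, items = None, []
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("#"):
            continue
        if line.startswith("/"):  # a menu path opens a new section
            menu = line
            continue
        params = dict(t.split("=", 1) for t in shlex.split(line) if "=" in t)
        items.append((menu, params))
    return items

def audit(text):
    """Coarse check: what does this config expose on its NAT uplink?"""
    items = parse_export(text)
    menus = {m for m, _ in items}
    findings = []
    uplinks = {p["out-interface"] for m, p in items
               if m == "/ip firewall nat" and p.get("action") == "masquerade"
               and "out-interface" in p}
    # Only the presence of filter rules is tested, not whether they are right.
    if uplinks and "/ip firewall filter" not in menus:
        findings.append("no-input-filter:" + ",".join(sorted(uplinks)))
        if any(m == "/ip dns" and p.get("allow-remote-requests") == "yes"
               for m, p in items):
            findings.append("dns-answers-on-uplink")
    for m, p in items:
        psk = p.get("wpa2-pre-shared-key")
        if m.endswith("security-profiles") and psk and len(psk) < MIN_PSK_LEN:
            findings.append("short-psk:" + p.get("name", "default"))
    return findings
```

Run `audit()` on the text of `/export` before putting such a box on a guest or work network; an input-chain drop rule on the uplink interface clears the first two findings.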

Hi

have you tried to start with quickset: CPE?
On the left side you scan for the SSID and provide the password and you can connect to the network.
On the right side use bridged mode, uncheck DHCP, NAT, firewall etc. and select: bridge all LAN ports together.

Once that’s done, leave quickset (and never come back as they say :slight_smile:) and connect to the Mtik via the LAN interface and WinBox MAC address,
and add a virtual Wifi AP interface and make it part of the bridge. Give it the same SSID and password etc. as your main AP.

You should be all set.