I have Mikrotik RouterOS 4.11 with hotspot. I connected a WAN home router using Ethernet to use serveral computer with one hotspot account. the router is Tenda W311R.
Mikrotik router:
WAN: 192.168.0.50 (this is connected to the LAN of ADSL modem)
LAN(hotspot): 192.168.1.1
Tenda W311R (My home router) IPs:
WAN:
WAN IP 192.168.1.50
Subnet Mask 255.255.255.0
Gateway 192.168.1.1 (Mikrotik hotspot)
LAN:
IP Address 192.168.2.1
Subnet Mask 255.255.255.0
DHCP Server Enable
NAT Enable
Firewall Enable
After I login, Sometime when I look at hotspot—> hosts in winbox , I found one,two or three IP are associated with router MAC address
First the one that is always there
MAC | address | address to
C8:3A:35:XX:XX:XX | 192.168.1.50 | 192.168.1.50
and sometime, these lines added
MAC | address | address to
C8:3A:35:XX:XX:XX | 192.168.2.100 | 192.168.1.4
C8:3A:35:XX:XX:XX | 192.168.2.104 | 192.168.1.24
I notice that the IPs 192.168.2.100 and 192.168.2.104 are IPs from the home router DHCP to my computers.
the internet is working normally but there might be slow when more router take more than one IP from the Mikrotik
No, the hotspot is on LAN of the Mikrotik router . you are mixing between Mikrotik router and the home router. I am trying to use one hotspot user account with the home router
this error is just happen with this router. I used to have buffalo router before and this didn’t happen. I want just to login once and take one IP address. the hotpot is working. and it is setup before I bought this router
the home router is after the Mikrotik
ADSL modem---->Mikrotik router----> my home router
outdoor APs also connected to the Mikrotik router for users outside my home
So the new home router is a remote LAN router, not WAN.
If you know the router is good for anyone connected, just bypass the router with its mac.
/ip hotspot ip-binding
add mac-address=xx:xx:xx:xx:xx:xx type=bypassed
I don’t know how it worked before with any router. You are using duplicate ip subnets (192.168.1.x) on two interfaces (WAN and hotspot/LAN).
EDIT: I just saw the changes to the first post. Now I see.
I think I see your question now. Your old LAN router had about the same settings, and one user could log in from the old router, and everyone could surf.
Now with the new LAN router, the 192.168.2.x ips are ‘bleeding through’ to the hotspot 192.168.1.x interface.
You need to do a masquerade in the new router. That is probably the difference in the setups.
ADD: If you also bypass the mac address through the hotspot as I mentioned above, nobody has to login.
But I have limited the speed for the user in his profile so if I bypass the hotspot, I will get the full internet speed and I don’t want that. Now the router is just taking one IP from the hotspot pool but I don’t why sometime it takes more?
Edit:
I don’t think there is option called masquerade in Tenda router
Then don’t bypass the hotspot. Just a suggestion.
If you masquerade (NAT) the router, all clients on the router appear as 192.168.1.50 and the mac of the router as the client. Otherwise, you will need to route the 192.168.2.x net back to the other router, and their 192.168.2.x ips will show in the host list.
It sounds like it is just leaking packets because it’s a bad router. Use something else. It’s not like you can work around what that Buffalo router puts on the wire on the next hop - the Hotspot will find this traffic even before the prerouting filter (the first thing in packet flow is Hotspot-In, where malformed packets like you’re seeing are dealt with).
Your only option is to replace or fix the Buffalo router.
