New router config problem - no LAN to WAN trafic

jimbobst · December 24, 2019, 3:25am

Hi,

RouterOS 6.46.1 router model = RB962UiGS-5HacT2HnT replacing a working config with a Dlink router.

I have an ISP that requires the VLAN 10 is configured on the WAN interface (ether1).

I’ve followed older howtos specific to such a setup, but they are from 2016 and things looked to have changed a little.

added vlan interface “INTERNET” with vlan id 10

/interface vlan
add interface=ether1 name=INTERNET vlan-id=10

changed the dhcp-client to use new VLAN interface instead of ether1

/ip dhcp-client
add comment=defconf disabled=no interface=INTERNET

(from this point I get a DHCP wan address from the ISP)

changed interface list WAN definition from ether1 to INTERNET

/interface list
add comment=defconf name=WAN

/interface list member
add comment=defconf interface=INTERNET list=WAN

I can ping 8.8.8.8 from the router ping tool out the WAN, but I get no internet access from the WLAN/LAN ports (can ping router obviously).

a) The nat masquerade and default firewall rules seem to use the “WAN” definition above but I have tried changing them directly to use “INTERNET” without any luck.

/ip firewall nat
add action=masquerade chain=srcnat comment=“defconf: masquerade”
ipsec-policy=out,none out-interface-list=WAN

Any ideas?

Thanks

Anumrak · December 24, 2019, 10:46am

Hey. I think your NAT rule is fine. How about default route on your LAN devices? Or if you using dhcp server for them, do you managed it correctly?

jimbobst · December 24, 2019, 11:23pm

Hi,

I plugged the router back in this morning to check the routing, but everything is now working without changing anything else!

Weird. Not sure what happened here, as I had previously rebooted the router a number of times.

In any case the Mikrotik is now passing traffic.

Anumrak · December 25, 2019, 11:15am

Congrats!

BartoszP · December 26, 2019, 11:14am

Possibly ISP side was not configured properly on time and that’s why it works now.

gotsprings · December 26, 2019, 12:38pm

Don’t know what sort of speed you pay for…

But I would recommend putting a managed switch in front of the router to handle the 10VLAN tagging for you.

Noticed a significant slowdown when I ran into a Google fiber install that needed VLAN2 on the WAN port. If I had an RB260GS handy… I bet it would have cured all.

jimbobst · December 27, 2019, 1:21am

I already had the connection working for sometime with another Dlink router. If I swapped the Dlink back for the Mikrotik everything worked as usual.

Oh well, it is working now, and still works after restarting.

Cheers

jimbobst · December 27, 2019, 1:27am

I have a 1Gb connection/plan. Ah ok, are you saying these routers might have issues with throughput when vlanning a 1Gb wan link? I would have to do speed tests with both routers to compare - it does seem a little down from previous but the last test was several moths ago.
Interesting idea that though, but prefer not to add another piece of hardware and power pack to the mix. Thanks