No internet access on ether1

baremetal · February 11, 2020, 4:44pm

Hi,

For the begging, I try a very simple setup:

ether1 <—> routerOS <—> PPP (3g Modem)

My PC is connected to ether1. I set an IP address and a DHCP server:

The problem is that there is no internet access on ether1, routerOS itself can ping the internet and load updates.

/ip address
add address=192.168.0.1/24 interface=ether1 network=192.168.0.0

/ip pool
add name=pool1 ranges=192.168.0.10-192.168.0.100

/ip dhcp-server
add address-pool=pool1 disabled=no interface=ether1 name=dhcp1

I added one cellular modems (Quectel UC20):

/interface ppp-client
add apn=web.vodafone.de data-channel=3 disabled=no info-channel=2 name=ppp-out1 pin=**** port=usb1

Ping from routerOS works nice:

[admin@MikroTik] > /ping 192.168.0.100
  SEQ HOST                                     SIZE TTL TIME  STATUS                                                         
    0 192.168.0.100                              56 128 0ms  
    1 192.168.0.100                              56 128 0ms  
    2 192.168.0.100                              56 128 0ms  
    3 192.168.0.100                              56 128 0ms  
    sent=4 received=4 packet-loss=0% min-rtt=0ms avg-rtt=0ms max-rtt=0ms 

[admin@MikroTik] > /ping 8.8.8.8    
  SEQ HOST                                     SIZE TTL TIME  STATUS                                                         
    0 8.8.8.8                                    56  53 722ms
    1 8.8.8.8                                    56  53 215ms
    2 8.8.8.8                                    56  53 68ms 
    3 8.8.8.8                                    56  53 47ms 
    sent=4 received=4 packet-loss=0% min-rtt=47ms avg-rtt=263ms max-rtt=722ms

Thank you in advance,
Regards Andreas

baremetal · February 11, 2020, 4:47pm

I also try some masquerade:

/ip firewall nat
 add action=masquerade chain=srcnat out-interface-list=all

With no changes.

baremetal · February 11, 2020, 4:51pm

Config export:

[admin@MikroTik] > export
# jan/07/2012 02:55:51 by RouterOS 7.0beta4
# software id = M4Q6-NMFP
#
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=pool1 ranges=192.168.0.10-192.168.0.100
/ip dhcp-server
add address-pool=pool1 disabled=no interface=ether1 name=dhcp1
/port
set 0 name=usb1
/interface ppp-client
add apn=web.vodafone.de data-channel=3 disabled=no info-channel=2 name=ppp-out1 pin=**** port=usb1
/ip address
add address=192.168.0.1/24 interface=ether1 network=192.168.0.0
/ip cloud
set update-time=no
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=all
#error exporting /ipv6/route/rule
#error exporting /routing/policy/selection
/system gps
set set-system-time=no
/system lcd
set contrast=0 enabled=no port=parallel type=24x4
/system lcd page
set time disabled=yes display-time=5s
set resources disabled=yes display-time=5s
set uptime disabled=yes display-time=5s
set packets disabled=yes display-time=5s
set bits disabled=yes display-time=5s
set version disabled=yes display-time=5s
set identity disabled=yes display-time=5s
set ppp-out1 disabled=yes display-time=5s
set ether1 disabled=yes display-time=5s
set ether2 disabled=yes display-time=5s
[admin@MikroTik] >

mkx · February 11, 2020, 4:57pm

The NAT config is wrong, it should be like this:

add action=masquerade chain=srcnat out-interface=ppp-out1

Beware that you don’t have any firewall whatsoever … you’re walking on thin ice.

baremetal · February 12, 2020, 9:59am

I try:

/ip firewall nat
add action=masquerade chain=srcnat out-interface=ppp-out1

Still it does not work.

Config:

[admin@MikroTik] >> export                                                                         
# jan/07/2012 19:59:36 by RouterOS 7.0beta4
# software id = M4Q6-NMFP
#
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=pool1 ranges=192.168.0.10-192.168.0.100
/ip dhcp-server
add address-pool=pool1 disabled=no interface=ether1 name=dhcp1
/port
set 0 name=usb1
/interface ppp-client
add apn=web.vodafone.de data-channel=3 disabled=no info-channel=2 name=ppp-out1 pin=**** port=usb1
/ip address
add address=192.168.0.1/24 interface=ether1 network=192.168.0.0
/ip cloud
set update-time=no
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ppp-out1
#error exporting /ipv6/route/rule
#error exporting /routing/policy/selection
/system gps
set set-system-time=no
/system lcd
set contrast=0 enabled=no port=parallel type=24x4
/system lcd page
set time disabled=yes display-time=5s
set resources disabled=yes display-time=5s
set uptime disabled=yes display-time=5s
set packets disabled=yes display-time=5s
set bits disabled=yes display-time=5s
set version disabled=yes display-time=5s
set identity disabled=yes display-time=5s
set ppp-out1 disabled=yes display-time=5s
set ether1 disabled=yes display-time=5s
set ether2 disabled=yes display-time=5s

WeWiNet · February 12, 2020, 10:33am

There is no bridge defined with ETH1?
Would that not be needed? And then put the DHCP server onto the bridge?

Also you have no route added nor any default route created.
(you do not show APN setting, where you can add deault route option)

baremetal · February 12, 2020, 12:24pm

Thanks for your replys.

I forget the gatway:

/ip dhcp-server network
add address=192.168.0.0/16 gateway=192.168.0.1

Now it works!

mkx · February 12, 2020, 1:04pm

The subnet mask in DHCP server settings (/16) and in IP address (/24) should be matching.

@WeWiNet: no, bridge is not absolute necessity … if only single interface (of any type, could be wired, wireless, VLAN, PPP, …) is part of same L2 (broadcast) domain, then use of bridge makes no sense (most of times).

WeWiNet · February 13, 2020, 10:24am

@MKX thanks, was not aware of that.