Maybe someone has had experience connecting a MikroTik Hap ax2 to a HUAWEI DN8245X6-10 router in BRIDGE mode and can share their experience and settings regarding this topic. In this scenario, I have a problem with the PPPoE connection itself.
Two things
Major: You need to include the username in interface settings
/interface list member
add interface=BRIDGE list=LAN
add interface=ether1 list=ONT add interface=PPPoE-ONT list=ONT
Minor: set internet detect to none, its been known to cause issues in the past.
Possibly a problem: If you are using ppoe its all defined in the pppoe client interface, which means
you should NOT have any ip dhcp client ( aka it should be DISABLED) AND you should not have any ip address entry for wan.
Thus ensure this is removed
/ip address
add address=192.168.88.1/24 interface=BRIDGE network=192.168.88.0 add address= interface=ether1 network=
You seem to have an IP route, but you shouldnt need one ??
On the huawei, you likely need to tick at least of the LAN1-LAN4 interfaces, the one to which the Mikrotik ether1 is attached. (And probably Enable WAN needs to be checked)
You should remove the following it will break the pppoe.
(Pretty much leave ether1 as default with maybe an alternate mac address if really needed)
set [ find default-name=ether1 ] l2mtu=1492 mac-address= mtu=1492
I assume your firewall rules are very similar to default, but with ONT standing in for WAN in this case
If not, they need to be, (You need masquerade outbound on the ONT interface(s), as well as firewalling inbound on the ONT interfaces)
On the huawei, you likely need to tick at least of the LAN1-LAN4 interfaces, the one to which the Mikrotik ether1 is attached. (And probably Enable WAN needs to be checked)
No
Above is a picture of the settings recommended by the ISP (for BRIDGE) - without using VLANs.
Summary
I assume your firewall rules are very similar to default, but with ONT standing in for WAN in this case
If not, they need to be, (You need masquerade outbound on the ONT interface(s), as well as firewalling inbound on the ONT interfaces)
New installation of settings
Firewall = off
Masquerade - tell me for what and where?
You seem to be attempting to use the Mikrotik as the internet gateway, this is likely the only reason you would use bridge mode on the Huawei. Presumably the Huawei will then just be acting as some form of modem (VDSL? GPON?)
In which case you really need firewall and masquerade on the Mikrotik.
If this is the case, I would suggest you revert to the default configuration, which has a good default firewall.
Then add the pppoe interface to the ether1 interface and add this pppoe interface to the WAN interface list. (Also remove or disable the default dhcp client on ether1)
You should leave the l2mtu and mtu on ether1 alone. The PPPoE interface gets the 1492 mtu, and it needs the underlying ethernet interface ether1 to have a larger l2mtu than 1492, so it can fit the pppoe headers as well as the actual ip packets.
You seem to be attempting to use the Mikrotik as the internet gateway, this is likely the only reason you would use bridge mode on the Huawei. Presumably the Huawei will then just be acting as some form of modem (VDSL? GPON?)
I need to ask apologize you.
So, if I understand correctly, you're write even though you don't really know what I'm asking, yes?
PROBLEM:
no MT connection with the operator's network/ONT relay using PPPoE without Vlan
PURPOSE:
obtain RX/TX TRAFFIC on PPPoE using client on MT - without other settings
nothing else
Summary
ps
I'll call the provider tomorrow..maybe they are BLOCKING the connection from a device other than HUAWEI.
Maybe tomorrow I will receive an answer from the internet provider
You still should at least check the checkbox next to the LANX interface that you use to connect to the hAP ax² under Binding Options.
Then, reset your hAP ax² to the default configuration (System -> Reset Configuration, do not check any checkbox at all!). Then once that's done, connect to the Router using WinBox. After login the Quick Set window will popup up. Select router mode and PPPoE
And Quick Set will automatically perform these for you:
You don't have to do it manually. You only need to fill-in the PPPoE login information. If you need to clone the ISP MAC address, you can do on this window too.
Afterwards, do not return to this Quick Set window. It's intended to be used once after configuration reset.
Don't try to be clever with the firewall when you are not yet experienced. Use the defconf firewall which is both safe and performant.
"We operate on another operator's infrastructure. The connection MUST be established via a VLAN. The information regarding setting up the HUAWEI DN8245X6-10 router in BRIDGE mode without using a VLAN does not apply in your case. Best regards."
Because of this, I thank everyone for your engagement and answers.
For me, this topic is now closed.
