Problem with WDS

RouterOS Wireless Networking
1

I’ve setup WDS systems before with mikrotik but for some reason I cant get this one going. The wireless connections seem to be connected properly and there seems to be traffic passing between them (The interface has both tx and rx bytes). However no traffic seems to pass between AP’s. I can’t even ping the IP or the MAC address between any of the AP’s The CCQ and signal strenght is good… ie CCQ is 70+%. Im going mad trying to figure out whats wrong… Any help would be welcome. Below is the export of wireless


/interface wireless security-profiles
set default authentication-types=“” eap-methods=passthrough group-ciphers=“” group-key-update=5m interim-update=0s management-protection=disabled management-protection-key=“”
mode=none name=default radius-eap-accounting=no radius-mac-accounting=no radius-mac-authentication=no radius-mac-caching=disabled radius-mac-format=XX:XX:XX:XX:XX:XX
radius-mac-mode=as-username static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=none static-key-0=“” static-key-1=“” static-key-2=“” static-key-3=“”
static-sta-private-algo=none static-sta-private-key=“” static-transmit-key=key-0 supplicant-identity=MikroTik tls-certificate=none tls-mode=no-certificates unicast-ciphers=“”
wpa-pre-shared-key=“” wpa2-pre-shared-key=“”
add authentication-types=wpa-psk,wpa2-psk eap-methods=passthrough group-ciphers=tkip group-key-update=5m interim-update=0s management-protection=allowed management-protection-key=
“” mode=static-keys-required name=profile1 radius-eap-accounting=no radius-mac-accounting=no radius-mac-authentication=no radius-mac-caching=disabled radius-mac-format=
XX:XX:XX:XX:XX:XX radius-mac-mode=as-username static-algo-0=40bit-wep static-algo-1=none static-algo-2=none static-algo-3=none static-key-0=0a1b2c3d4e static-key-1=“”
static-key-2=“” static-key-3=“” static-sta-private-algo=none static-sta-private-key=“” static-transmit-key=key-0 supplicant-identity=“” tls-certificate=none tls-mode=
no-certificates unicast-ciphers=tkip wpa-pre-shared-key=“” wpa2-pre-shared-key=“”
/interface wireless
set 0 adaptive-noise-immunity=ap-and-client-mode allow-sharedkey=no antenna-gain=0 area=“” arp=enabled band=2ghz-b/g/n basic-rates-a/g=6Mbps basic-rates-b=1Mbps bridge-mode=
enabled channel-width=20mhz compression=no country=no_country_set default-ap-tx-limit=0 default-authentication=yes default-client-tx-limit=0 default-forwarding=yes dfs-mode=
none disable-running-check=no disabled=no disconnect-timeout=3s distance=indoors frame-lifetime=0 frequency=2422 frequency-mode=manual-txpower frequency-offset=0 hide-ssid=yes
ht-ampdu-priorities=0 ht-amsdu-limit=8192 ht-amsdu-threshold=8192 ht-basic-mcs=mcs-0,mcs-1,mcs-2,mcs-3,mcs-4,mcs-5,mcs-6,mcs-7 ht-guard-interval=any ht-rxchains=0,1
ht-supported-mcs=mcs-0,mcs-1,mcs-2,mcs-3,mcs-4,mcs-5,mcs-6,mcs-7,mcs-8,mcs-9,mcs-10,mcs-11,mcs-12,mcs-13,mcs-14,mcs-15,mcs-16,mcs-17,mcs-18,mcs-19,mcs-20,mcs-21,mcs-22,mcs-23
ht-txchains=0 hw-fragmentation-threshold=disabled hw-protection-mode=none hw-protection-threshold=0 hw-retries=7 l2mtu=2290 mac-address=00:0C:42:6B:B1:C9 max-station-count=
2007 mode=ap-bridge mtu=1500 name=wlan1 noise-floor-threshold=default nv2-cell-radius=30 nv2-noise-floor-offset=default nv2-preshared-key=“” nv2-qos=default nv2-queue-count=2
nv2-security=disabled on-fail-retry-time=100ms periodic-calibration=disabled periodic-calibration-interval=60 preamble-mode=short proprietary-extensions=post-2.9.25
radio-name=000C426BB1C9 rate-selection=legacy rate-set=default scan-list=default security-profile=profile1 ssid=BayInternal station-bridge-clone-mac=00:00:00:00:00:00
supported-rates-a/g=6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps supported-rates-b=1Mbps,2Mbps,5.5Mbps,11Mbps tdma-period-size=2 tx-power-mode=default
update-stats-interval=disabled wds-cost-range=50-150 wds-default-bridge=WDSBridge wds-default-cost=100 wds-ignore-ssid=no wds-mode=dynamic wireless-protocol=802.11
wmm-support=disabled
add area=“” arp=enabled bridge-mode=enabled default-ap-tx-limit=0 default-authentication=yes default-client-tx-limit=0 default-forwarding=yes disable-running-check=no disabled=yes
hide-ssid=no mac-address=02:0C:42:6B:B1:D1 master-interface=wlan1 max-station-count=2007 mtu=1500 name=wlan2 proprietary-extensions=post-2.9.25 security-profile=default ssid=
“Bay Centre Wifi” update-stats-interval=disabled wds-cost-range=0 wds-default-bridge=none wds-default-cost=0 wds-ignore-ssid=no wds-mode=disabled wmm-support=disabled

/interface wireless manual-tx-power-table
set wlan1 manual-tx-powers=“1Mbps:17,2Mbps:17,5.5Mbps:17,11Mbps:17,6Mbps:17,9Mbps:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,54Mbps:17,HT20-0:17,HT20-1:17,HT20-2:17,HT20-
3:17,HT20-4:17,HT20-5:17,HT20-6:17,HT20-7:17,HT40-0:17,HT40-1:17,HT40-2:17,HT40-3:17,HT40-4:17,HT40-5:17,HT40-6:17,HT40-7:17”
set wlan2
/interface wireless nstreme
set wlan1 disable-csma=no enable-nstreme=no enable-polling=yes framer-limit=3200 framer-policy=none
set “(unknown)”
/interface wireless access-list
add ap-tx-limit=0 authentication=yes client-tx-limit=0 comment=Bay4thFl disabled=no forwarding=yes interface=wlan1 mac-address=00:0C:42:6B:B1:CF management-protection-key=“”
private-algo=none private-key=“” private-pre-shared-key=“” signal-range=-120.-50
add ap-tx-limit=0 authentication=yes client-tx-limit=0 comment=Lv2Bay disabled=no forwarding=yes interface=wlan1 mac-address=00:0C:42:6B:B1:F5 management-protection-key=“”
private-algo=none private-key=“” private-pre-shared-key=“” signal-range=-120.-50
add ap-tx-limit=0 authentication=yes client-tx-limit=0 comment=DougSt disabled=no forwarding=yes interface=wlan1 mac-address=00:0C:42:6B:B1:C3 management-protection-key=“”
private-algo=none private-key=“” private-pre-shared-key=“” signal-range=-120.-50
add ap-tx-limit=0 authentication=yes client-tx-limit=0 comment=Lv2Walkway disabled=no forwarding=yes interface=wlan1 mac-address=00:0C:42:6B:B1:C4 management-protection-key=“”
private-algo=none private-key=“” private-pre-shared-key=“” signal-range=-120.-50
add ap-tx-limit=0 authentication=yes client-tx-limit=0 comment=FortSt disabled=no forwarding=yes interface=wlan1 mac-address=00:0C:42:6B:B1:D3 management-protection-key=“”
private-algo=none private-key=“” private-pre-shared-key=“” signal-range=-120.-50
add ap-tx-limit=0 authentication=yes client-tx-limit=0 comment=ViewSt disabled=no forwarding=yes interface=wlan1 mac-address=00:0C:42:6B:B1:BB management-protection-key=“”
private-algo=none private-key=“” private-pre-shared-key=“” signal-range=-120.-50
add ap-tx-limit=0 authentication=yes client-tx-limit=0 disabled=no forwarding=yes interface=wlan1 mac-address=00:0C:42:6B:B1:E2 management-protection-key=“” private-algo=none
private-key=“” private-pre-shared-key=“” signal-range=-120.-50
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300 frames-per-second=25 receive-all=no ssid-all=no
/interface wireless connect-list
add area-prefix=“” connect=yes disabled=no interface=wlan1 mac-address=00:0C:42:6B:B1:BB security-profile=default signal-range=-120.-50 ssid=“” wireless-protocol=any
add area-prefix=“” connect=yes disabled=no interface=wlan1 mac-address=00:0C:42:6B:B1:C3 security-profile=default signal-range=-120.-50 ssid=“” wireless-protocol=any
add area-prefix=“” connect=yes disabled=no interface=wlan1 mac-address=00:0C:42:6B:B1:C4 security-profile=default signal-range=-120.-50 ssid=“” wireless-protocol=any
add area-prefix=“” connect=yes disabled=no interface=wlan1 mac-address=00:0C:42:6B:B1:CF security-profile=default signal-range=-120.-50 ssid=“” wireless-protocol=any
add area-prefix=“” connect=yes disabled=no interface=wlan1 mac-address=00:0C:42:6B:B1:D3 security-profile=default signal-range=-120.-50 ssid=“” wireless-protocol=any
add area-prefix=“” connect=yes disabled=no interface=wlan1 mac-address=00:0C:42:6B:B1:E2 security-profile=default signal-range=-120.-50 ssid=“” wireless-protocol=any
add area-prefix=“” connect=yes disabled=no interface=wlan1 mac-address=00:0C:42:6B:B1:F5 security-profile=default signal-range=-120.-50 ssid=“” wireless-protocol=any
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name=“” memory-limit=10 multiple-channels=no only-headers=no receive-errors=no streaming-enabled=no streaming-max-rate=0
streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no

2

Any consultants want to have a quick look?

3

You would be better off to reset the wireless interface and start from the basics. You have made so many changes it’s hard to tell.

4

Also export your interfaces, addresses, and firewall.

5

Interfaces:

/interface bridge
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes
disabled=no forward-delay=15s l2mtu=65535 max-message-age=20s mtu=1500
name=PublicBridge priority=0x8000 protocol-mode=rstp transmit-hold-count=6
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes
disabled=no forward-delay=15s l2mtu=2290 max-message-age=20s mtu=1500 name=
WDSBridge priority=0x8000 protocol-mode=rstp transmit-hold-count=6
/interface ethernet
set 0 arp=enabled auto-negotiation=yes disabled=no full-duplex=yes l2mtu=1526
mac-address=00:0C:42:C0:12:B9 mtu=1500 name=ether1 speed=100Mbps
/interface pptp-server
add disabled=no name=pptp-in1 user=evoshift
/interface eoip
add arp=enabled disabled=no l2mtu=65535 local-address=0.0.0.0 mac-address=
02:ED:0F:2F:F4:9E mtu=1500 name=eoip-tunnel1 remote-address=10.12.1.1
tunnel-id=1
add arp=enabled disabled=no l2mtu=65535 local-address=0.0.0.0 mac-address=
02:EC:FA:D9:BE:37 mtu=1500 name=eoip-tunnel2 remote-address=10.12.1.2
tunnel-id=2
add arp=enabled disabled=no l2mtu=65535 local-address=0.0.0.0 mac-address=
02:C5:4E:44:B5:E0 mtu=1500 name=eoip-tunnel3 remote-address=10.12.1.3
tunnel-id=3
add arp=enabled disabled=no l2mtu=65535 local-address=0.0.0.0 mac-address=
02:0B:9A:F5:A0:75 mtu=1500 name=eoip-tunnel4 remote-address=10.12.1.4
tunnel-id=4
add arp=enabled disabled=no l2mtu=65535 local-address=0.0.0.0 mac-address=
02:DA:4E:95:A6:D5 mtu=1500 name=eoip-tunnel5 remote-address=10.12.1.5
tunnel-id=5
add arp=enabled disabled=no l2mtu=65535 local-address=0.0.0.0 mac-address=
02:65:0F:7C:14:CA mtu=1500 name=eoip-tunnel6 remote-address=10.120.1.6
tunnel-id=6
add arp=enabled disabled=no l2mtu=65535 local-address=0.0.0.0 mac-address=
02:61:69:75:B7:CC mtu=1500 name=eoip-tunnel8 remote-address=10.120.1.8
tunnel-id=8
add arp=enabled disabled=no l2mtu=65535 local-address=0.0.0.0 mac-address=
02:5D:9B:76:6F:87 mtu=1500 name=eoip-tunnel9 remote-address=10.12.1.9
tunnel-id=9
add arp=enabled disabled=no l2mtu=65535 local-address=0.0.0.0 mac-address=
02:72:1C:BE:FC:42 mtu=1500 name=eoip-tunnel10 remote-address=10.12.1.10
tunnel-id=10
/interface wireless security-profiles
set default authentication-types=“” eap-methods=passthrough group-ciphers=“”
group-key-update=5m interim-update=0s management-protection=disabled
management-protection-key=“” mode=none name=default radius-eap-accounting=
no radius-mac-accounting=no radius-mac-authentication=no
radius-mac-caching=disabled radius-mac-format=XX:XX:XX:XX:XX:XX
radius-mac-mode=as-username static-algo-0=none static-algo-1=none
static-algo-2=none static-algo-3=none static-key-0=“” static-key-1=“”
static-key-2=“” static-key-3=“” static-sta-private-algo=none
static-sta-private-key=“” static-transmit-key=key-0 supplicant-identity=
MikroTik tls-certificate=none tls-mode=no-certificates unicast-ciphers=“”
wpa-pre-shared-key=“” wpa2-pre-shared-key=“”
add authentication-types=wpa-psk,wpa2-psk group-ciphers=tkip group-key-update=
5m interim-update=0s management-protection=disabled
management-protection-key=“” mode=static-keys-required name=profile1
radius-eap-accounting=no radius-mac-accounting=no
radius-mac-authentication=no radius-mac-caching=disabled radius-mac-format=
XX:XX:XX:XX:XX:XX radius-mac-mode=as-username static-algo-0=40bit-wep
static-algo-1=none static-algo-2=none static-algo-3=none static-key-0=
0a1b2c3d4e static-key-1=“” static-key-2=“” static-key-3=“”
static-sta-private-algo=none static-sta-private-key=“” static-transmit-key=
key-0 supplicant-identity=“” tls-certificate=none tls-mode=no-certificates
unicast-ciphers=tkip wpa-pre-shared-key=“” wpa2-pre-shared-key=“”
/interface wireless
set 0 adaptive-noise-immunity=ap-and-client-mode allow-sharedkey=no
antenna-gain=0 area=“” arp=enabled band=2ghz-b/g/n basic-rates-a/g=6Mbps
basic-rates-b=1Mbps bridge-mode=enabled channel-width=20mhz compression=no
country=no_country_set default-ap-tx-limit=0 default-authentication=yes
default-client-tx-limit=0 default-forwarding=yes dfs-mode=none
disable-running-check=no disabled=no disconnect-timeout=3s distance=indoors
frame-lifetime=0 frequency=2422 frequency-mode=manual-txpower
frequency-offset=0 hide-ssid=yes ht-ampdu-priorities=0 ht-amsdu-limit=8192
ht-amsdu-threshold=8192 ht-basic-mcs=
mcs-0,mcs-1,mcs-2,mcs-3,mcs-4,mcs-5,mcs-6,mcs-7 ht-guard-interval=any
ht-rxchains=0,1 ht-supported-mcs=“mcs-0,mcs-1,mcs-2,mcs-3,mcs-4,mcs-5,mcs-6,
mcs-7,mcs-8,mcs-9,mcs-10,mcs-11,mcs-12,mcs-13,mcs-14,mcs-15,mcs-16,mcs-17,mc
s-18,mcs-19,mcs-20,mcs-21,mcs-22,mcs-23” ht-txchains=0
hw-fragmentation-threshold=disabled hw-protection-mode=none
hw-protection-threshold=0 hw-retries=7 l2mtu=2290 mac-address=
00:0C:42:6B:B1:C9 max-station-count=2007 mode=ap-bridge mtu=1500 name=wlan1
noise-floor-threshold=default nv2-cell-radius=30 nv2-noise-floor-offset=
default nv2-preshared-key=“” nv2-qos=default nv2-queue-count=2
nv2-security=disabled on-fail-retry-time=100ms periodic-calibration=
disabled periodic-calibration-interval=60 preamble-mode=short
proprietary-extensions=post-2.9.25 radio-name=000C426BB1C9 rate-selection=
legacy rate-set=default scan-list=default security-profile=profile1 ssid=
BayInternal station-bridge-clone-mac=00:00:00:00:00:00 supported-rates-a/g=
6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps supported-rates-b=
1Mbps,2Mbps,5.5Mbps,11Mbps tdma-period-size=2 tx-power-mode=default
update-stats-interval=disabled wds-cost-range=50-150 wds-default-bridge=
WDSBridge wds-default-cost=100 wds-ignore-ssid=no wds-mode=dynamic
wireless-protocol=802.11 wmm-support=disabled
add area=“” arp=enabled bridge-mode=enabled default-ap-tx-limit=0
default-authentication=yes default-client-tx-limit=0 default-forwarding=yes
disable-running-check=no disabled=yes hide-ssid=no mac-address=
02:0C:42:6B:B1:D1 master-interface=wlan1 max-station-count=2007 mtu=1500
name=wlan2 proprietary-extensions=post-2.9.25 security-profile=default
ssid=“Bay Centre Wifi” update-stats-interval=disabled wds-cost-range=0
wds-default-bridge=none wds-default-cost=0 wds-ignore-ssid=no wds-mode=
disabled wmm-support=disabled
/interface wireless manual-tx-power-table
set wlan1 manual-tx-powers=“1Mbps:17,2Mbps:17,5.5Mbps:17,11Mbps:17,6Mbps:17,9Mbp
s:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,54Mbps:17,HT20-0:17,H
T20-1:17,HT20-2:17,HT20-3:17,HT20-4:17,HT20-5:17,HT20-6:17,HT20-7:17,HT40-0:
17,HT40-1:17,HT40-2:17,HT40-3:17,HT40-4:17,HT40-5:17,HT40-6:17,HT40-7:17”
set wlan2
/interface wireless nstreme
set wlan1 disable-csma=no enable-nstreme=no enable-polling=yes framer-limit=
3200 framer-policy=none
set “(unknown)”
/interface bridge port
add bridge=PublicBridge disabled=no edge=auto external-fdb=auto horizon=none
interface=wlan2 path-cost=10 point-to-point=auto priority=0x80
add bridge=PublicBridge disabled=no edge=auto external-fdb=auto horizon=none
interface=eoip-tunnel1 path-cost=10 point-to-point=auto priority=0x80
add bridge=PublicBridge disabled=no edge=auto external-fdb=auto horizon=none
interface=eoip-tunnel10 path-cost=10 point-to-point=auto priority=0x80
add bridge=PublicBridge disabled=no edge=auto external-fdb=auto horizon=none
interface=eoip-tunnel2 path-cost=10 point-to-point=auto priority=0x80
add bridge=PublicBridge disabled=no edge=auto external-fdb=auto horizon=none
interface=eoip-tunnel3 path-cost=10 point-to-point=auto priority=0x80
add bridge=PublicBridge disabled=no edge=auto external-fdb=auto horizon=none
interface=eoip-tunnel4 path-cost=10 point-to-point=auto priority=0x80
add bridge=PublicBridge disabled=no edge=auto external-fdb=auto horizon=none
interface=eoip-tunnel5 path-cost=10 point-to-point=auto priority=0x80
add bridge=PublicBridge disabled=no edge=auto external-fdb=auto horizon=none
interface=eoip-tunnel6 path-cost=10 point-to-point=auto priority=0x80
add bridge=PublicBridge disabled=no edge=auto external-fdb=auto horizon=none
interface=eoip-tunnel8 path-cost=10 point-to-point=auto priority=0x80
add bridge=PublicBridge disabled=no edge=auto external-fdb=auto horizon=none
interface=eoip-tunnel9 path-cost=10 point-to-point=auto priority=0x80
add bridge=WDSBridge disabled=no edge=auto external-fdb=auto horizon=none
interface=wlan1 path-cost=10 point-to-point=auto priority=0x80
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=no
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=default-encryption
enabled=no max-mru=1460 max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=
default enabled=no keepalive-timeout=60 mac-address=FE:F6:A3:5F:DD:C1
max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption enabled=
yes keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/interface sstp-server server
set authentication=pap,chap,mschap1,mschap2 certificate=none default-profile=
default enabled=no keepalive-timeout=60 max-mru=1500 max-mtu=1500 mrru=
disabled port=443 verify-client-certificate=no
/interface wireless access-list
add ap-tx-limit=0 authentication=yes client-tx-limit=0 comment=Bay4thFl
disabled=yes forwarding=yes interface=wlan1 mac-address=00:0C:42:6B:B1:CF
management-protection-key=“” private-algo=none private-key=“”
private-pre-shared-key=“” signal-range=-120.-50
add ap-tx-limit=0 authentication=yes client-tx-limit=0 comment=Lv2Bay disabled=
yes forwarding=yes interface=wlan1 mac-address=00:0C:42:6B:B1:F5
management-protection-key=“” private-algo=none private-key=“”
private-pre-shared-key=“” signal-range=-120.-50
add ap-tx-limit=0 authentication=yes client-tx-limit=0 comment=DougSt disabled=
yes forwarding=yes interface=wlan1 mac-address=00:0C:42:6B:B1:C3
management-protection-key=“” private-algo=none private-key=“”
private-pre-shared-key=“” signal-range=-120.-50
add ap-tx-limit=0 authentication=yes client-tx-limit=0 comment=Lv2Walkway
disabled=yes forwarding=yes interface=wlan1 mac-address=00:0C:42:6B:B1:C4
management-protection-key=“” private-algo=none private-key=“”
private-pre-shared-key=“” signal-range=-120.-50
add ap-tx-limit=0 authentication=yes client-tx-limit=0 comment=FortSt disabled=
yes forwarding=yes interface=wlan1 mac-address=00:0C:42:6B:B1:D3
management-protection-key=“” private-algo=none private-key=“”
private-pre-shared-key=“” signal-range=-120.-50
add ap-tx-limit=0 authentication=yes client-tx-limit=0 comment=ViewSt disabled=
yes forwarding=yes interface=wlan1 mac-address=00:0C:42:6B:B1:BB
management-protection-key=“” private-algo=none private-key=“”
private-pre-shared-key=“” signal-range=-120.-50
add ap-tx-limit=0 authentication=yes client-tx-limit=0 disabled=yes forwarding=
yes interface=wlan1 mac-address=00:0C:42:6B:B1:E2
management-protection-key=“” private-algo=none private-key=“”
private-pre-shared-key=“” signal-range=-120.-50
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=
00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300
frames-per-second=25 receive-all=no ssid-all=no
/interface wireless connect-list
add area-prefix=“” connect=yes disabled=yes interface=wlan1 mac-address=
00:0C:42:6B:B1:BB security-profile=default signal-range=-120.-50 ssid=“”
wireless-protocol=any
add area-prefix=“” connect=yes disabled=yes interface=wlan1 mac-address=
00:0C:42:6B:B1:C3 security-profile=default signal-range=-120.-50 ssid=“”
wireless-protocol=any
add area-prefix=“” connect=yes disabled=yes interface=wlan1 mac-address=
00:0C:42:6B:B1:C4 security-profile=default signal-range=-120.-50 ssid=“”
wireless-protocol=any
add area-prefix=“” connect=yes disabled=yes interface=wlan1 mac-address=
00:0C:42:6B:B1:CF security-profile=default signal-range=-120.-50 ssid=“”
wireless-protocol=any
add area-prefix=“” connect=yes disabled=yes interface=wlan1 mac-address=
00:0C:42:6B:B1:D3 security-profile=default signal-range=-120.-50 ssid=“”
wireless-protocol=any
add area-prefix=“” connect=yes disabled=yes interface=wlan1 mac-address=
00:0C:42:6B:B1:E2 security-profile=default signal-range=-120.-50 ssid=“”
wireless-protocol=any
add area-prefix=“” connect=yes disabled=yes interface=wlan1 mac-address=
00:0C:42:6B:B1:F5 security-profile=default signal-range=-120.-50 ssid=“”
wireless-protocol=any
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name=“” memory-limit=10
multiple-channels=no only-headers=no receive-errors=no streaming-enabled=no
streaming-max-rate=0 streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=no receive-errors=no
[admin@TBC-FoodCourt] /interface>

Firewall:

/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s tcp-close-wait-timeout=10s tcp-established-timeout=1d
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s
udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=“place hotspot rules here” disabled=yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=“place hotspot rules here” disabled=yes
add action=masquerade chain=srcnat disabled=no out-interface=ether1
add action=masquerade chain=srcnat comment=“masquerade hotspot network” disabled=no src-address=10.12.2.0/24
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061 sip-direct-media=yes
set pptp disabled=no

IP addresses:

/ip address
add address=10.12.1.7/24 disabled=yes interface=wlan1 network=10.12.1.0
add address=10.12.2.7/24 disabled=yes interface=wlan2 network=10.12.2.0
add address=192.168.88.1/24 disabled=no interface=ether1 network=192.168.88.0
add address=10.12.1.254/24 disabled=no interface=WDSBridge network=10.12.1.0
add address=10.12.2.254/24 disabled=no interface=PublicBridge network=10.12.2.0

Dont really want to reset to default my interfaces.. there are 10AP’s that have the same basic configuration and they are not possible to get at.

6

The changes to the wireless interface actually arn’t that many.. just have a listing for connect/access lists which makes it look large

7

Post the interface, IP addressing and bridging configs for one of the clients.

You’ve got a lot going there Ryley…:slight_smile: