Hi,
I have several Mikrotik devices in my home network and I have recently upgraded them to RouterOS 7.
One of them is an outside RB750Pr2 device, it is connected with a cable from my CPE (a haP AC3 + LTE), is configured of course in Bridge mode and has three other devices connected in its other ports - two PTZ security cameras and one RBD22UGS-5HPacD2HnD Mikrotik device.
Since the upgrade to OS7, I can reach the RB750Pr2 and connect to it, but cannot reach via ICMP any of the directly connected devices.
The RBD22UGS-5HPacD2HnD I can reach with WinBox via MAC address.
The cameras are unreachable, and if I try a ping FROM the RB750Pr2, I get something like this:
[stefan@Caciulati_Outdoor] > ping 192.168.88.183
SEQ HOST SIZE TTL TIME STATUS
0 192.168.88.183 56 64 17ms545us
1 192.168.88.183 56 64 734us
2 192.168.88.183 56 64 703us
3 192.168.88.183 56 64 891us
4 192.168.88.183 56 64 3ms420us
5 192.168.88.183 56 64 837us
6 192.168.88.183 56 64 710us
7 192.168.88.183 timeout
8 192.168.88.183 timeout
9 192.168.88.183 timeout
10 192.168.88.183 timeout
11 192.168.88.183 timeout
12 192.168.88.183 timeout
13 192.168.88.183 timeout
14 192.168.88.183 timeout
15 192.168.88.183 timeout
16 192.168.88.183 timeout
17 192.168.88.183 timeout
18 192.168.88.183 timeout
19 192.168.88.183 timeout
sent=20 received=7 packet-loss=65% min-rtt=703us avg-rtt=3ms548us max-rtt=17ms545us
SEQ HOST SIZE TTL TIME STATUS
20 192.168.88.183 timeout
21 192.168.88.183 timeout
22 192.168.88.183 timeout
23 192.168.88.183 timeout
24 192.168.88.183 timeout
25 192.168.88.183 timeout
26 192.168.88.183 timeout
27 192.168.88.183 timeout
28 192.168.88.183 timeout
29 192.168.88.183 timeout
30 192.168.88.183 timeout
31 192.168.88.183 timeout
32 192.168.88.183 timeout
33 192.168.88.183 timeout
34 192.168.88.183 timeout
35 192.168.88.183 timeout
36 192.168.88.183 56 64 1ms956us
37 192.168.88.183 timeout
38 192.168.88.183 timeout
39 192.168.88.183 timeout
sent=40 received=8 packet-loss=80% min-rtt=703us avg-rtt=3ms349us max-rtt=17ms545us
Usually answers 2-3 packets, than lots of timeouts, that one reply here and there but mostly loss.
Same for all three devices, the physical connections are fine.
Have tried many changes but for nothing, no luck.
Here is my current config:
# 2025-02-28 00:48:36 by RouterOS 7.18
# software id = CYG1-KU7Z
#
# model = RB750Pr2
# serial number = 67D5070EA54F
/interface bridge
add admin-mac=64:D1:54:8C:0C:8E auto-mac=no name=bridge1 port-cost-mode=short
/interface ethernet
set [ find default-name=ether1 ] advertise="10M-baseT-half,10M-baseT-full,100M\
-baseT-half,100M-baseT-full,1G-baseT-full"
set [ find default-name=ether2 ] advertise="10M-baseT-half,10M-baseT-full,100M\
-baseT-half,100M-baseT-full,1G-baseT-half,1G-baseT-full" name=\
ether2-master
set [ find default-name=ether3 ] advertise="10M-baseT-half,10M-baseT-full,100M\
-baseT-half,100M-baseT-full,1G-baseT-half,1G-baseT-full" poe-out=off
set [ find default-name=ether4 ] advertise="10M-baseT-half,10M-baseT-full,100M\
-baseT-half,100M-baseT-full,1G-baseT-half,1G-baseT-full" poe-out=off
set [ find default-name=ether5 ] advertise="10M-baseT-half,10M-baseT-full,100M\
-baseT-half,100M-baseT-full,1G-baseT-half,1G-baseT-full"
/interface list
add exclude=dynamic name=discover
add name=mactel
add name=mac-winbox
add name=WAN
add include=none name=stefan
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
/interface bridge port
add bridge=bridge1 hw=no ingress-filtering=no interface=ether1 \
internal-path-cost=10 path-cost=10
add bridge=bridge1 ingress-filtering=no interface=ether2-master \
internal-path-cost=10 path-cost=10
add bridge=bridge1 ingress-filtering=no interface=ether3 internal-path-cost=\
10 path-cost=10
add bridge=bridge1 ingress-filtering=no interface=ether4 internal-path-cost=\
10 path-cost=10
add bridge=bridge1 ingress-filtering=no interface=ether5 internal-path-cost=\
10 path-cost=10
/ip firewall connection tracking
set udp-timeout=10s
/ip neighbor discovery-settings
set discover-interface-list=discover
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface detect-internet
set lan-interface-list=stefan
/interface list member
add interface=ether1 list=stefan
add interface=ether2-master list=stefan
add interface=ether3 list=stefan
add interface=ether4 list=stefan
add interface=ether5 list=stefan
/ip address
add address=192.168.88.168/24 disabled=yes interface=ether1 network=\
192.168.88.0
add address=192.168.88.89/24 interface=bridge1 network=192.168.88.0
/ip arp
add address=192.168.88.90 interface=bridge1 mac-address=DC:2C:6E:E7:84:9A
/ip dhcp-client
add comment=defconf disabled=yes interface=bridge1
/ip dhcp-relay
add dhcp-server=192.168.88.88 disabled=no interface=bridge1 name=relay1
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.89 netmask=24
/ip dns
set allow-remote-requests=yes servers=192.168.88.88,8.8.8.8
/ip dns static
add address=192.168.88.89 name=router type=A
/ip firewall filter
add action=accept chain=input comment="defconf: accept ICMP" disabled=yes \
protocol=icmp
add action=accept chain=input comment="defconf: accept established,related" \
connection-state=established,related disabled=yes
add action=drop chain=input comment="defconf: drop all from WAN" disabled=yes \
in-interface=ether1
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related disabled=yes hw-offload=yes
add action=accept chain=forward comment="defconf: accept established,related" \
connection-state=established,related disabled=yes
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid disabled=yes
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new disabled=yes in-interface=ether1
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
out-interface=bridge1
/ip ipsec profile
set [ find default=yes ] dpd-interval=2m dpd-maximum-failures=5
/routing bfd configuration
add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5
/system clock
set time-zone-name=Europe/Bucharest
/system identity
set name=Caciulati_Outdoor
/system note
set show-at-login=no
/tool mac-server
set allowed-interface-list=stefan
/tool mac-server mac-winbox
set allowed-interface-list=stefan
I do not know how to solve this, could you please help?