i’m begginer in Mikrotik but I would like to develop in this direction.
I have problem with mANTBox in PTP Bridge AP mode.
Configuration is:
Internet — RUTX11 ----(wire)---- Tp-link CPE710 (Bridge Client) —(wifi)— mANTBox (PTP Bridge AP) —(wire)— several IP cameras
…-–(wifi)—Tp-link CPE710 (Bridge Client) —(wire)— PC
I have problem with internet access from mANTBox side.
It seems there is a problem with dns because winbox and outside http access to AP clients works.
Previously, the CPE710 was in place of the mANTBox and everything worked.
In Intarface List i set wlan as WAN
there is a strange thing in the arp table because the router’s ip address is mapped to the MAC address of the Bridge Client.
I read a bit but found no solution.
When I try ping 8.8.8.8, I have “no route to host”
At the moment, MT only passes the communication of the 192.168.1.0 network.
On the AP client which is connected betwen MT and router, communication with Internet is normal.
[admin@MikroTik] > /ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK INTERFACE
0 192.168.1.249/24 192.168.1.0 bridge_transp
[admin@MikroTik] > /ip route print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADC 192.168.1.0/24 192.168.1.249 bridge_transp 0
[admin@MikroTik] > /interface print
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE ACTUAL-MTU L2MTU MAX-L2MTU
0 RS ether1 ether 1500 1598 9214
1 S sfp1 ether 1500 1598 9214
2 XS wlan1 wlan 1500 1600 2290
3 RS wlan2 wlan 1500 1600 2290
4 R bridge_transp bridge 1500 1598
Internet — RUTX11 ----(wire)---- Tp-link CPE710 (Bridge Client) —(wifi)— mANTBox (PTP Bridge AP) —(wire)— several IP cameras
…-–(wifi)—Tp-link CPE710 (Bridge Client) —(wire)— PC
Thx for that schema. Important, but it is clear this cannot work with
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
set [ find default-name=wlan2 ] country=poland disabled=no frequency=auto
installation=outdoor mode=bridge ssid=9FEDEB wps-mode=disabled
/interface bridge port
add bridge=bridge_transp interface=all
Not clear what link (WLAN1 or WLAN2) is used for the uplink. But WLAN2 in mode bridge is not usable as AP besides one connection, could have been mode “AP bridge”.
The basic problem is this first wifi link “Tp-link CPE710 (Bridge Client) —(wifi)— mANTBox” where the TP-Link is a non-Mikrotik device.
That standard 802.11 wifi link only carries 3 MAC addresses in the wifi packet. There are 4 addresses needed: “source-sender-receiver-destination” for passing data to multiple destinations. (Because receiver and destination are different then.)
Possible solutions :
replace the TP-Link CPE710 with an equivalent MT device (starting from SXTsq ac and up). and run the link as “station bridge”-“AP bridge”. The “bridge” function in this link will transmit 4 MAC addresses and will be fully level L2 (=bridged network) transparant.
Try to enable a WDS link. WDS is designed to transmit 4 MAC addresses. (It is a special case of “bridge” above) Connecting WDS between different vendors is not impossible but not guaranteed to work. Setting security is one of the problems.
With quite some limitations use mode=“station-pseudobridge” at the mANTBox WLAN interface for that link. “Pseudobridge” will make an internal table in the mANTBox for the different IPv4 IP addresses and redistribute. It will communicate with only its own MAC address on the uplink. Only IPv4 will work, some protocols like DHCP ‘may’ not work. Not recommended solution.
Possible solution is to let go the one L2 network, and connect the mANTBox at L3 including NAT. mANTBox will communicate with only it’s own MAC and IP address in the link. It is the typical ‘AP Home’ setup towards internet. DHCP will be on the mANTBox for the camera’s and other clients.
Maybe the CPE750 can make a transparant connection to the RUTX11. As this is the same problem again: only one client MAC address for every standard wifi link.
If for L3 solution “4)” above, a L2 connection is absolutly necessary, then a L2 VPN tunnel could be created towards the mANTBox.
to add to @bpwl excellent explanation: Mikrotik station bridge implementation isn’t standard 802.11, and is that what makes possible to “transparently bridge” two segments regardless of number of clients at both sides w/o requiring WDS or alike when using Mikrotik at both sides.
