RB750GL Static IP Wan Problems

jmccleary · August 16, 2012, 10:24pm

Ok I am New to MicroTik’s. Like the prices and features. HATING the set up issue i am having right now. i am trying to do a very simple setup. After reading multiple threads and not finding anything that matches my issue and some that do never fixed the problem. Here is my problem.

I factory default the device. after that i disabled the dhcp client on the ether-1 interface. i set up the static-ip address on the interface. i add the default route in ip routes to point ether-1 gateway. i go to ping utility and ping 4.2.2.2 from gateway interface, success. when i try to ping form inside interface it times out. i double check the nat rule in the firewall. all looks good there. i tried all kinds of things, NO GO. I got fed up with the first one and pulled out a second 750GL. Did the same thing and it worked. i was like ok i must have a bad unit. the second one lasted about three days and it stooped working. Could not log into it nothing. So i had to reset it. Now it wont work. i am posting my config file in hopes that there might be a stupid thing that i am missing, and let me tell you I have been beating my head in the desk. it is a JD night tonight i tell you.

Hope some one out there can help me.

Before the hammer does.

Thanks,

Jason
Microtik 5.20 config.txt (11.4 KB)

jmccleary · August 17, 2012, 1:42pm

Just in case people don’t want to download the txt file. Here is the config.

/interface ethernet switch
set 0 mirror-source=none mirror-target=none name=switch1
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha1 disabled=no enc-algorithms=3des lifetime=30m name=default pfs-group=modp1024
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=default-dhcp authoritative=after-2sec-delay bootp-support=static disabled=no interface=ether2-master-local lease-time=3d name=default
/queue type
set 0 kind=pfifo name=default pfifo-limit=50
set 1 kind=pfifo name=ethernet-default pfifo-limit=50
set 2 kind=sfq name=wireless-default sfq-allot=1514 sfq-perturb=5
set 3 kind=red name=synchronous-default red-avg-packet=1000 red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set 4 kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=5
set 5 kind=none name=only-hardware-queue
set 6 kind=mq-pfifo mq-pfifo-limit=50 name=multi-queue-ethernet-default
set 7 kind=pfifo name=default-small pfifo-limit=10
/routing bgp instance
set default as=65530 client-to-client-reflection=yes disabled=no ignore-as-path-len=no name=default out-filter=“” redistribute-connected=no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no
redistribute-static=no router-id=0.0.0.0 routing-table=“”
/routing ospf instance
set [ find default=yes ] disabled=no distribute-default=never in-filter=ospf-in metric-bgp=auto metric-connected=20 metric-default=1 metric-other-ospf=auto metric-rip=20 metric-static=20 name=default out-filter=
ospf-out redistribute-bgp=no redistribute-connected=no redistribute-other-ospf=no redistribute-rip=no redistribute-static=no router-id=0.0.0.0
/routing ospf area
set [ find default=yes ] area-id=0.0.0.0 disabled=no instance=default name=backbone type=default
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0 authentication-password=“” authentication-protocol=MD5 encryption-password=“” encryption-protocol=DES name=public read-access=yes security=none write-access=no
/system logging action
set 0 memory-lines=100 memory-stop-on-full=no name=memory target=memory
set 1 disk-file-count=2 disk-file-name=log disk-lines-per-file=100 disk-stop-on-full=no name=disk target=disk
set 2 name=echo remember=yes target=echo
set 3 bsd-syslog=no name=remote remote-port=514 src-address=0.0.0.0 syslog-facility=daemon syslog-severity=auto target=remote
/tool user-manager customer
add backup-allowed=yes disabled=no login=admin password=“” paypal-accept-pending=no paypal-allowed=no paypal-secure-response=no permissions=owner signup-allowed=no time-zone=-00:00
/user group
set read name=read policy=local,telnet,ssh,reboot,read,test,winbox,password,web,sniff,sensitive,api,!ftp,!write,!policy skin=default
set write name=write policy=local,telnet,ssh,reboot,read,write,test,winbox,password,web,sniff,sensitive,api,!ftp,!policy skin=default
set full name=full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api skin=default
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=no
/interface ethernet switch port
set 0 vlan-header=leave-as-is vlan-mode=disabled
set 1 vlan-header=leave-as-is vlan-mode=disabled
set 2 vlan-header=leave-as-is vlan-mode=disabled
set 3 vlan-header=leave-as-is vlan-mode=disabled
set 4 vlan-header=leave-as-is vlan-mode=disabled
set 5 vlan-header=leave-as-is vlan-mode=disabled
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=192.168.88.1/24 comment=“default configuration” disabled=no interface=ether2-master-local network=192.168.88.0
add address=XXX.XXX.123.232/27 disabled=no interface=ether1-gateway network=XXX.XXX.123.224
/ip dhcp-client
add add-default-route=yes comment=“default configuration” default-route-distance=1 disabled=yes interface=ether1-gateway use-peer-dns=yes use-peer-ntp=yes
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=192.168.88.0/24 comment=“default configuration” dhcp-option=“” dns-server=192.168.88.1 gateway=192.168.88.1 ntp-server=“” wins-server=“”
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB max-udp-packet-size=4096 servers=“”
/ip dns static
add address=192.168.88.1 disabled=no name=router ttl=1d
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s tcp-close-wait-timeout=10s tcp-established-timeout=1d tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s tcp-syn-received-timeout=5s
tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=accept chain=input comment=“default configuration” disabled=no protocol=icmp
add action=accept chain=input comment=“default configuration” connection-state=established disabled=no
add action=accept chain=input comment=“default configuration” connection-state=related disabled=no
add action=drop chain=input comment=“default configuration” disabled=no in-interface=ether1-gateway
/ip firewall nat
add action=masquerade chain=srcnat comment=“default configuration” disabled=no out-interface=ether1-gateway src-address=192.168.88.0/24 to-addresses=0.0.0.0
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061 sip-direct-media=yes
set pptp disabled=no
/ip neighbor discovery
set ether1-gateway disabled=yes
set ether2-master-local disabled=no
set ether3-slave-local disabled=no
set ether4-slave-local disabled=no
set ether5-slave-local disabled=no
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 cache-on-disk=no enabled=no max-cache-size=none max-client-connections=600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0
parent-proxy-port=0 port=8080 serialize-connections=no src-address=0.0.0.0
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=ether1-gateway scope=30 target-scope=10
/ip service
set telnet address=“” disabled=no port=23
set ftp address=“” disabled=no port=21
set www address=“” disabled=no port=80
set ssh address=“” disabled=no port=22
set www-ssl address=“” certificate=none disabled=yes port=443
set api address=“” disabled=yes port=8728
set winbox address=“” disabled=no port=8291
/ip smb
set allow-guests=yes comment=MikrotikSMB domain=MSHOME enabled=no interfaces=all
/ip smb shares
set [ find default=yes ] comment=“default share” directory=/pub disabled=no max-sessions=10 name=pub
/ip smb users
set [ find default=yes ] disabled=no name=guest password=“” read-only=yes
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes
/port firmware
set directory=firmware ignore-directip-modem=no
/queue interface
set ether1-gateway queue=only-hardware-queue
set ether2-master-local queue=only-hardware-queue
set ether3-slave-local queue=only-hardware-queue
set ether4-slave-local queue=only-hardware-queue
set ether5-slave-local queue=only-hardware-queue
/radius incoming
set accept=no port=3799
/routing bfd interface
set [ find default=yes ] disabled=no interface=all interval=0.2s min-rx=0.2s multiplier=5
/routing igmp-proxy
set query-interval=2m5s query-response-interval=10s quick-leave=no
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m gateway-selection=no-gateway origination-interval=5s preferred-gateway=0.0.0.0 timeout=1m ttl=50
/routing pim
set switch-to-spt=yes switch-to-spt-bytes=0 switch-to-spt-interval=1m40s
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no redistribute-connected=no redistribute-ospf=no redistribute-static=no
routing-table=main timeout-timer=3m update-timer=30s
/snmp
set contact=“” enabled=no engine-id=“” location=“” trap-generators=“” trap-target=“” trap-version=1
/system clock
set time-zone-name=manual
/system clock manual
set dst-delta=+00:00 dst-end=“jan/01/1970 00:00:00” dst-start=“jan/01/1970 00:00:00” time-zone=+00:00
/system gps
set channel=0 enabled=no set-system-time=no
/system identity
set name=MikroTik
/system lcd
set contrast=0 enabled=no port=parallel type=24x4
/system lcd page
set time disabled=yes display-time=5s
set resources disabled=yes display-time=5s
set uptime disabled=yes display-time=5s
set packets disabled=yes display-time=5s
set bits disabled=yes display-time=5s
set version disabled=yes display-time=5s
set identity disabled=yes display-time=5s
set ether5-slave-local disabled=yes display-time=5s
set ether4-slave-local disabled=yes display-time=5s
set ether3-slave-local disabled=yes display-time=5s
set ether2-master-local disabled=yes display-time=5s
set ether1-gateway disabled=yes display-time=5s
/system logging
set 0 action=memory disabled=no prefix=“” topics=info
set 1 action=memory disabled=no prefix=“” topics=error
set 2 action=memory disabled=no prefix=“” topics=warning
set 3 action=echo disabled=no prefix=“” topics=critical
/system note
set note=“” show-at-login=yes
/system ntp client
set enabled=no mode=unicast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/system ntp server
set broadcast=no broadcast-addresses=“” enabled=no manycast=yes multicast=no
/system resource irq
set 0 cpu=auto
/system routerboard settings
set boot-device=nand-if-fail-then-ethernet boot-protocol=bootp cpu-frequency=400MHz force-backup-booter=no silent-boot=no
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0 user=“”
/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=none watchdog-timer=yes
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=100
/tool e-mail
set address=0.0.0.0 from=<> password=“” port=25 starttls=no user=“”
/tool graphing
set page-refresh=300 store-every=5min
/tool mac-server
set [ find default=yes ] disabled=yes interface=all
add disabled=no interface=ether2-master-local
add disabled=no interface=ether3-slave-local
add disabled=no interface=ether4-slave-local
add disabled=no interface=ether5-slave-local
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes interface=all
add disabled=no interface=ether2-master-local
add disabled=no interface=ether3-slave-local
add disabled=no interface=ether4-slave-local
add disabled=no interface=ether5-slave-local
/tool mac-server ping
set enabled=yes
/tool sms
set allowed-number=“” channel=0 keep-max-sms=0 receive-enabled=no secret=“”
/tool sniffer
set file-limit=1000KiB file-name=“” filter-ip-address=“” filter-ip-protocol=“” filter-mac-address=“” filter-mac-protocol=“” filter-port=“” filter-stream=yes interface=all memory-limit=100KiB memory-scroll=yes
only-headers=no streaming-enabled=no streaming-server=0.0.0.0
/tool traffic-generator
set latency-distribution-scale=10 test-id=0
/user aaa
set accounting=yes default-group=read exclude-groups=“” interim-update=0s use-radius=no

Please help.

leoservices · August 20, 2012, 2:49am

try the following: New Terminal you will reset the RB and remove the default settings with the command system-on reset defau = yes

then between Winbox via a MAC,
IP Adress - put the IP interfaces
IP Router on - create the default route
IP-configure DNS and check Alow Remote Requests
in IPFIREWALL create NAT NAT rule SRC

have to work,