Dear All i recently bought an RBM11G to be used with a R11e LTE modem, but i could not make it working with my PC

The modem is recognized by the routerboard as LTE interface and connect does connect as well ( i was able to upgrade the RBM11G FW also).

Even that..i was not able to navigate with my pc who still detect no internet access.

I created a bridge connection, but following one guide on youtube, i was not able to create a DHCP client on the lte…is simply not recognized.

Somebody can help me to solve this issue.?

Does exist any guide to do a proper installation?

The modem is working fine as i used it on a RB SXT LTE without problems.

Thanks on advance to anyone will help me.

Maurizio

The only information is on these forums or in the Wiki: https://wiki.mikrotik.com/wiki/Manual:Interface/LTE
Scroll down to see an example.

You don’t need to create a DHCP client manually or bridges.

You need to create the APN profile and set it to the interface. If all is correct you will see a “R” letter on your LTE interface that means that is running.

After this you need to create a DHCP server on your ether1 interface using DHCP setup and masquerade the traffic on IP → Firewall → NAT.

Before all this I recommend reset configuration deleting default configuration.

Regards.

HI.

The Lte interface is working fine. The R is present . I upgraded the RB Fw this morning.

I created the DHCP server on ether1 but no way to use internet.

I do not have internet connection yet..

Any other check i need to do?

THanks in advance.

Maurizio

Masquerade the traffic in Firewall.

Regards.

Hello.

Do you mean to activate or deactivate the firewall from the quick setup menu?

Thanks

Can you explain me how to do it?

But there is anyhow something not clear to me.

I used the same sim with the SXT LTE without any problem..i just settled the apn and everything worked smooth..why so complicated with the RBM11G..?

THanks in advance.

Maurizio

IP → Firewall → NAT

Add

Chain: srcnat
Out. Interface: lte1
Action: Masquerade (This on “action” tab)

Regards.

Or, better yet (if using firewall rules resembling default rules from recent ROS versions) add lte1 interface to WAN interface list. It’ll magically make RB to use all the right firewall rules.

Hi guys.

I did both but does not work.

I added a masquerade on NAT Firewall..wan lte1 on interface list was present already..

But i stil do not have internet available on LAN.

Does internet work on RBM11G itself? You can check it by executing

/ping www.google.com

If this works, then it’s something about LAN setup (either IP settings on router, DHCP settings or firewall rules). If it doesn’t, then it’s something about LTE and/or WAN setup.

Hi.

Internet on RBM11G works fine. I updated the RB firmware to the 6.45 so far.

I’ve the problem on the LAN..no internet access..

Hi.

Anytime i connect the modem, i got lte1 under DHCP Client..but looks as inactive.

If i try to enable..then lte1 interface is not available anymore but only ethern1 or Bridge if i’ve one..

Why?

Thanks in advance.

Maurizio

Post full configuration of RBM11G … you can get it by executing command /export hide-sensitive in a command window. Hide sensitive data (such as usernames and passwords) and then post it here, enclosing it in [__code][/code] environment for better readability..

Here we are-!!

aug/26/2019 18:32:11 by RouterOS 6.46beta34

software id = CURC-HK0N

model = RouterBOARD M11G

serial number = 9BDE0A6121D6

/interface lte
set [ find ] mac-address=AC:FF:FF:00:00:00 name=lte1
/interface list
add name=WAN
add name=LAN
/interface lte apn
set [ find default=yes ] apn=mobile.vodafone.it
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp ranges=192.168.88.2-192.168.88.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=ether1 name=dhcp1
/interface list member
add interface=lte1 list=WAN
add interface=ether1 list=LAN
add list=LAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=ether1 network=192.168.88.0
/ip dhcp-server network
add address=192.168.88.0/24 gateway=192.168.88.1 netmask=24
/ip firewall nat
add action=masquerade chain=srcnat out-interface=lte1
/ip upnp interfaces
add interface=ether1 type=internal
add interface=lte1 type=external
/system clock
set time-zone-name=Europe/Rome
/system routerboard settings
set auto-upgrade=yes

What do print the following commands?

/interface print detail
/ip dhcp-client print detail # obfuscate any public data
/ip address print detail  # you might want to obfuscate public WAN address here
/ip route print detail # obfuscate the public route

Just try to obfuscate public data following the same pattern, e.g. replace first two octets with some letters (e.g. 8.8.8.8 → aa.bb.8.8 ) and do it the same way for output of all commands so we can clearly see any patterns.

Hmm… the /ip dhcp-server network seems flakey … I’d say you should add dns-servers=8.8.8.8,1.1.1.1 to it so that LAN devices get information about DNS servers to be used for resolving names to IP addresses. You might want to repkace tge IP addresses in my example with IP addresses of your ISP (some forum members feel strongly against it though).

BTW, you’ll have to something about non-existant firewall, right now your RB is easy target for any malicious internet user. Does /system default-configuration print show any useful commands in /ip firewall filter section? If it does, I suggest you to copy-paste them back to command window.

Do you have DNS servers configured on your DHCP server?

Regards.

HI .

I will check if DNS server are settled.

If i’m not wrong should be there.

Honestly i expected something easier to setup..compared with the SXT LTE is quite difficult for me as i’m not expert with it.

I will check everything and i will back to you.

I’ve one question guys regarding the new LtAP.

If i buy the version without modem..i will need to handle the same problems as today or is a more PnP device?

THanks in advance.

Maurizio

here more info

[admin@MikroTik] /ip firewall filter>> /interface print detail
Flags: D - dynamic, X - disabled, R - running, S - slave
0 R name=“ether1” default-name=“ether1” type=“ether” mtu=1500 actual-mtu=1500 l2mtu=1596 max-l2mtu=2026 mac-address=74:4D:28:45:6A:10 last-link-up-time=aug/26/2019 21:39:41 link-downs=0

1 R name=“lte1” type=“lte” mtu=1480 actual-mtu=1480 mac-address=AC:FF:FF:00:00:00 last-link-up-time=aug/26/2019 21:40:20 link-downs=0


IP address print detail

Flags: X - disabled, I - invalid, D - dynamic
0 ;;; defconf
address=192.168.88.1/24 network=192.168.88.0 interface=ether1 actual-interface=ether1

1 D address=aa.bb.92.242/32 network=aa.bb.92.242 interface=lte1 actual-interface=lte1



[admin@MikroTik] /ip firewall filter>> /ip dhcp-client print detail
Flags: X - disabled, I - invalid, D - dynamic
[admin@MikroTik] /ip firewall filter>>




[admin@MikroTik] /ip firewall filter>> /ip route print detail
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
0 ADS dst-address=0.0.0.0/0 gateway=lte1 gateway-status=lte1 reachable distance=2 scope=30 target-scope=10

1 ADC dst-address=aa.bb.cc.242/32 pref-src=aa.bb.cc.242 gateway=lte1 gateway-status=lte1 reachable distance=0 scope=10

2 ADC dst-address=192.168.88.0/24 pref-src=192.168.88.1 gateway=ether1 gateway-status=ether1 reachable distance=0 scope=10

You can ping on your PC to 8.8.8.8?

Regards.