I’m trying without any success to turn an RB951-2n into a WISP client that will NAT not only the Ether ports but also as a Wi-Fi AP, too. I’m just doing this as proof-of-concept and to further my knowledge of RouterOS.
I’ve done this with TP-Link products, but I’m really having a problem with RouterOS.
I have the RB successfully joining the Wi-Fi network as a station and NATing that to the Ether ports, but when I add a Virtual AP, I never see this Wi-Fi network advertised…
I should be able to split the radio time against station and AP mode, right? I thought I read somewhere in the Wiki or Forums a while back that this was possible, but I can’t find it now…
Here is my config. Hopefully someone can point out where I’m going wrong?
Well I’ve discovered that the Virtual AP SSID is only advertised/broadcast with the main wlan1 is set to “ap bridge” mode. If I set wlan1 to “station” or “station pseudobridge” it seems Virtual AP is disabled.
Is this by design? Is there some way around it? What am I missing?
Seems like with all of features of RouterOS that it should be able to do what I’m trying… Especially if a $35 TP-Link can… ugh. :-/
RB can only connect to non-RB WiFi AP when Wireless mode set to “station” or “station bridge” (other modes try to negotiate WDS).
When in “station” or “station bridge” mode, the Virtual AP function doesn’t work (the SSID is never broadcast).
Therefore, without having two radios, I cannot do what I wanted. I will submit a ticket to MikroTik to request the feature.
Here’s an example use case:
Hotel WiFi usually require a password through its hotspot gateway. Google Chromecast does not have a web browser, nor can you control it without being on the same IP subnet with another device (computer, tablet, phone). Therefore you cannot connect the Chromecast to hotel WiFi and control it, because the hotel sees the Chromecast MAC address as a unique device of course, and the Chromecast has no way to authenticate through the hotspot gateway.
Solution 1: clone the Chromecast MAC address with another device temporarily so authenticate against the hotspot gateway. This is cumbersome, especially when you need to renew the authentication every so often.
Solution 2: configure a router to join the hotel WiFi, and also serve a different WiFi AP for devices to connect such as Chromecast, computer, phone, tablet, etc. This presents a single MAC address to the hotel hotspot gateway, and so a device with web browser can authenticate once and all other devices can then use the connection. It seems ROS (as of v6.9) is not capable of operating in this mode (with a single radio). It can NAT the WiFi station mode to the Ether ports successfully, but it cannot simultaneously join an 802.11 WiFi network in station mode and also operate in a separate AP (Virtual AP) mode to serve stations. I have confirmed that the that TP-Link MR3020 works for this use case in the WISP mode (and Chromecast through it was a success) and is US$35.
Hopefully MikroTik can add this functionality to a future release of ROS!
Sadly, nothing yet. This is one of a few small features I’m missing in order for RouterOS to be a complete replacement for every type of router & firewall I use.
For now, when WISP is needed, I have to resort to crappy, low-powered, cheap TP-Link pocket routers. For Chromecast specifically, I like the 3040 model because it has a built-in battery (replaceable, even!) and is still USB-powered. It works great in the hotel rooms.
TP-Link uses Atheros SoC just like RouterBoard, so the missing feature is really RouterOS software implementation.
If RouterOS would add “WISP” station + AP mode, and OpenVPN “Road Warrior” config support, I could use it for everything!
You can use AP bridge mode and add a WDS link (virtual interface) that connects to another AP. Than add virtual AP for connecting the clients. Routing/bridging is possible as wds link is independent interface to virtual AP from the L2/L3 point of view because they have their own mac addresses and ip addresses.
I will try this out to be sure. But the main problem I think is that WDS is a proprietary implementation between vendors (not clear on whether this is the wireless/SoC implementation, or the OS/software implementation). I seem to have some luck getting non-RouterBoard Atheros-based SoCs to WDS-slave to Atheros-based RouterBoard, and vice-versa, but the WDS slave mode on RouterBoard will not attach to everything like a client/station would.
Unfortunately no luck. If I have the radio in AP Bridge mode, I can add a WDS subinterface but there doesn’t seem to be any way to actually configure it for an SSID, channel, or security profile.
If I use Client WDS or Slave WDS modes, the wireless debug log complains that the other device is an AP instead of WDS, or that the RouterBoard wants “MT WDS” (proprietary).
If I configure the radio mode to any of the station bridge modes, it does successfully connect, but then the Virtual AP SSID is not broadcast.
I just tried this all again with 6.13 and it’s the same behavior as the last time I tried (with 6.9). I’m using RB951-2n for this testing.
Alas, looks like it’s still the cheapo TP-Link crap for now, or I have to buy a much more expensive RB912 and an extra radio card.
Not all manufacturer WDS modes are compatible.
You can try to use mode=ap-bridge and create a WDS interface to interconnect with your main AP. Then bridge together Wireless interface with WDS interface.
I think I did try your suggestion. When I had the RB set to ap-bridge, using the same channel, SSID, and security profile as the other AP, the wireless debug log just said “disconnecting: extensive data loss”.
Is it possible you can supply a sample configuration doing what you suggest to make sure I haven’t missed something?
I can say nothing about wds conections between mikrotik and other devices, as I have not tried it.But it could be possible according to this statement (WDS should work with Ubiquiti and TP-Link, but from some reason it is thought that none can know that): http://forum.mikrotik.com/t/repeater-bridge/77395/1
Anyway, I am using actually two omnitiks in wds link, both with their own wans, mutually backuping trhu wds and allowing to connect clients to VirtualAP on both of them. Each device is set as follows (exports from one side only, security profile data removed, ssids, macs and frequencies altered):
/interface wireless> export
/interface wireless
set [ find default-name=wlan1 ] adaptive-noise-immunity=ap-and-client-mode
antenna-gain=6 band=5ghz-a/n channel-width=20/40mhz-Ce country=
“MyCountry” disabled=no frequency=5300 frequency-mode=
regulatory-domain l2mtu=1600 mode=ap-bridge name=ath1 radio-name=MyAP01
security-profile=MyAPWDS ssid=“” wds-default-bridge=bridge1
wds-ignore-ssid=yes wds-mode=static-mesh wireless-protocol=802.11
wmm-support=enabled
add disabled=no l2mtu=1600 mac-address=02:0C:42:D9:01:01 master-interface=
ath1 name=MyAP01 security-profile=MyAP ssid=MyAP01 wds-cost-range=0
wds-default-bridge=bridge1 wds-default-cost=0 wds-mode=static-mesh
wmm-support=enabled
/interface wireless wds
add disabled=no l2mtu=1600 master-interface=ath1 name=MyAP01-02 wds-address=
00:0C:42:DA:01:03As you can see, there is one physical wifi, one virtualAP and one wds link. VirtualAP and wds link are members of bridge1. Physical interface is not in the bridge. It is used only for radio parameters settings, no data communication on it. WDS link does not need any SSID settings, its done via its peer mac address and frequency with the same security profile set on physical interface. Both devices have their own SSIDs on virtualAP, no ssid on physical interface and no ssid on wds.
I have two networks using WDS links between RouterBoards. No problems with them.
But when I’m in a foreign environment and I want to join the Wi-Fi network and broadcast my own AP, I apparently cannot do that with RouterOS unless the foreign Wi-Fi is Atheros/Ubnt/TP-Link and I can use WDS.
The $25 TP-Link can join a Wi-Fi network as a station (not WDS), simultaneously broadcast a separate AP network, and NAT between the two. They call this “WISP” mode, which is ambiguous of course. But the WISP interface (Wi-Fi station connection) works as a WAN connection and it does NAT on it. Typically works very well, but the devices have poor range and sometimes I have problems with the software not working right.
I’d very much prefer to use RouterOS/RouterBoard for all of my networking needs, LOL. I’m just trying to buy more products!
These wisp or universal repeater functions are really nice but I understand that mikrotik doesn’t want to make such mode. It would bring another compatibility problems. It is always better to use two radios on different frequencies one as client and the other as ap. And for the interim period you can use some tplink or airlive. I am sure you will get rid of it soon.
If the device you want to be connected to is not yours, you should always negotiate and agree with its owner about the way how to cooperate. He can allow you to connect in the wds mode. Remember that with the connection mode you asked for you are just going to make interference to him. It’s something you should not do.
I just tried again with my new hAP lite, RouterOS v6.27.
Still doesn’t work.
akoni@, why do you think this WISP Client mode is supported? The “WISP” QuickSet does not configure for the mode we’re trying to implement here in this thread.
Normally router os does not allow to use the same radio as station and ap simultaneously. The only exception is to use WDS as PTP link to other WDS enabled device and bridge Ap mode (or virtual ap on it). This could successfully emulate something like simultaneous client+ap mode.
There is nothing like “Universal repeater” or “WISP repeater” mode available. Seems will never be as it is not necessary (recommendable) in normal networks.
Other vendors, such as TP-Link implement simultaneous station + AP mode in Atheros chipset. It is a very useful feature for, e.g., creating small AP cell in a hotel WiFi environment. The Atheros chipset supports it, so it would be nice if Router OS would implement.
I am confused that cheap device from other vendor (e.g. TP-Link MR3020) can do this and MT Not!
And i think it is usefull feature. For example - to use in hotels, airports where you will get connect for one device (with first time ad view) and retransmit (broadcast) to all my devices.
I saw many posts where peoples said that its possible, but i cant get working configs…
