Hi there,

It's a simple lab test I setup. Prob a simple fix but I'm missing it. 2 x RB433's in wireless AP and station mode. PC on one side and Laptop on the other.

Side A (PC 192.168.2.2)

DST-ADDRESS PREF-SRC GATEWAY-STATE GATEWAY DISTANCE INTERFACE

0 A S 192.168.1.0/24 reachable 192.168.21.2 1 WLan1
1 ADC 192.168.2.0/24 192.168.2.180 0 Lan1
2 ADC 192.168.21.0/24 192.168.21.1 0 WLan1

Side B (Laptop 192.168.1.69)

DST-ADDRESS PREF-SRC GATEWAY-STATE GATEWAY DISTANCE INTERFACE

0 A S 192.168.2.0/24 reachable 192.168.21.1 1 WLan2
1 ADC 192.168.1.0/24 192.168.1.180 0 Lan2
2 ADC 192.168.21.0/24 192.168.21.2 0 WLan2

PC and Laptop can't ping each other. Can ping as far as gateways. Winbox also doesnt pick up other end RB's.
What seems to be the prob?

Thanks in advance.

tracert from one host to the IP of the host on the other side, see where there is no response and review IP address + gateway configuration on that hop (router, host)

i tracert right through to remote gateway (which is the remote Wlan interface), but no further. Would i not need an additional gateway from the Wlan interface to the Ether1 to route traffic out to the client?

I think so. /export in /ip route please and paste it here.

This is SideA for example, let me know if you would like me to paste the routing of SideB too.

[admin@AA] /ip route> /export

jan/01/2002 03:08:08 by RouterOS 3.17

software id = RDCG-3TT

/interface ethernet
set 0 arp=enabled auto-negotiation=yes comment="" disabled=no full-duplex=yes mac-address= mtu=1500 name=Lan1 speed=100Mbps
set 1 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment="" disabled=yes full-duplex=yes mac-address=00:0C:42:0B:73:C2 master-port=none mtu=1500 name=ether2 speed=100Mbps
set 2 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment="" disabled=yes full-duplex=yes mac-address= master-port=none mtu=1500 name=ether3 speed=100Mbps
/interface wireless security-profiles
set default authentication-types=wpa-psk,wpa2-psk group-ciphers=tkip group-key-update=5m interim-update=0s mode=none name=default radius-eap-accounting=no radius-mac-accounting=no radius-mac-authentication=no
radius-mac-caching=disabled radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=none static-key-0="" static-key-1=""
static-key-2="" static-key-3="" static-sta-private-algo=none static-sta-private-key="" static-transmit-key=key-0 supplicant-identity=MikroTik tls-certificate=none tls-mode=no-certificates unicast-ciphers=tkip
wpa-pre-shared-key=mikr0tik wpa2-pre-shared-key=******
add authentication-types=wpa-psk,wpa2-psk group-ciphers=tkip group-key-update=5m interim-update=0s mode=dynamic-keys name=WPA2 radius-eap-accounting=no radius-mac-accounting=no radius-mac-authentication=no
radius-mac-caching=disabled radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=none static-key-0="" static-key-1=""
static-key-2="" static-key-3="" static-sta-private-algo=none static-sta-private-key="" static-transmit-key=key-0 supplicant-identity="" tls-certificate=none tls-mode=no-certificates unicast-ciphers=tkip
wpa-pre-shared-key=mikrotik wpa2-pre-shared-key=*****
/interface wireless
set 0 ack-timeout=dynamic adaptive-noise-immunity=none allow-sharedkey=no antenna-gain=0 antenna-mode=ant-a area="" arp=enabled band=5ghz basic-rates-a/g=6Mbps basic-rates-b=1Mbps burst-time=disabled comment=""
compression=no country="south africa" default-ap-tx-limit=0 default-authentication=yes default-client-tx-limit=0 default-forwarding=yes dfs-mode=none disable-running-check=no disabled=no disconnect-timeout=3s
frame-lifetime=0 frequency=5700 frequency-mode=manual-txpower hide-ssid=no hw-retries=4 mac-address= max-station-count=2007 mode=ap-bridge mtu=1500 name=WLan1 noise-floor-threshold=default
on-fail-retry-time=100ms periodic-calibration=default periodic-calibration-interval=60 preamble-mode=both proprietary-extensions=post-2.9.25 radio-name=AA rate-set=default scan-list=default security-profile=
default ssid=Lab station-bridge-clone-mac=00:00:00:00:00:00 supported-rates-a/g=6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps supported-rates-b=1Mbps,2Mbps,5.5Mbps,11Mbps tx-power-mode=default
update-stats-interval=disabled wds-cost-range=50-150 wds-default-bridge=none wds-default-cost=100 wds-ignore-ssid=no wds-mode=disabled wmm-support=enabled
/interface wireless manual-tx-power-table
set WLan1 comment="" manual-tx-powers="1Mbps:17,2Mbps:17,5.5Mbps:17,11Mbps:17,6Mbps:17,9Mbps:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,54Mbps:17,HT20-1:0,HT20-2:0,HT20-3:0,HT20-4:0,HT20-5:0,HT20-6:0,HT20
-7:0,HT20-8:0,HT40-1:0,HT40-2:0,HT40-3:0,HT40-4:0,HT40-5:0,HT40-6:0,HT40-7:0,HT40-8:0"
/interface wireless nstreme
set WLan1 comment="" disable-csma=no enable-nstreme=no enable-polling=yes framer-limit=3200 framer-policy=none
/ip hotspot profile
set default dns-name="" hotspot-address=0.0.0.0 html-directory=hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap name=default rate-limit="" smtp-server=0.0.0.0 split-user-domain=no
use-radius=no
/ip hotspot user profile
set default idle-timeout=none keepalive-timeout=2m name=default shared-users=1 status-autorefresh=1m transparent-proxy=no
/ip ipsec proposal
set default auth-algorithms=sha1 disabled=no enc-algorithms=3des lifetime=30m name=default pfs-group=modp1024
/port
set 0 baud-rate=auto data-bits=8 flow-control=none name=serial0 parity=none stop-bits=1
/ppp profile
set default change-tcp-mss=yes comment="" name=default only-one=default use-compression=default use-encryption=default use-vj-compression=default
set default-encryption change-tcp-mss=yes comment="" name=default-encryption only-one=default use-compression=default use-encryption=yes use-vj-compression=default
/queue type
set default kind=pfifo name=default pfifo-limit=50
set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
set wireless-default kind=sfq name=wireless-default sfq-allot=1514 sfq-perturb=5
set synchronous-default kind=red name=synchronous-default red-avg-packet=1000 red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=5
set default-small kind=pfifo name=default-small pfifo-limit=10
/routing bgp instance
set default as=65530 client-to-client-reflection=yes comment="" disabled=no ignore-as-path-len=no name=default out-filter="" redistribute-connected=no redistribute-ospf=no redistribute-other-bgp=no
redistribute-rip=no redistribute-static=no router-id=0.0.0.0
/routing ospf area
add area-id=0.0.0.0 authentication=none disabled=no name=backbone type=default
/snmp
set contact="" enabled=no engine-boots=0 engine-id="" location="" time-window=15 trap-sink=0.0.0.0 trap-version=1
/snmp community
set public address=0.0.0.0/0 authentication-password="" authentication-protocol=MD5 encryption-password="" encryption-protocol=DES name=public read-access=yes security=none write-access=no
/system logging action
set memory memory-lines=100 memory-stop-on-full=no name=memory target=memory
set disk disk-lines=100 disk-stop-on-full=no name=disk target=disk
set echo name=echo remember=yes target=echo
set remote name=remote remote=0.0.0.0:514 target=remote
/system routerboard settings
set baud-rate=115200 boot-delay=2s boot-device=nand-if-fail-then-ethernet boot-protocol=bootp cpu-frequency=300MHz enable-jumper-reset=yes enter-setup-on=any-key
set baud-rate=115200 boot-delay=2s boot-device=nand-if-fail-then-ethernet boot-protocol=bootp cpu-frequency=300MHz enable-jumper-reset=yes enter-setup-on=any-key
/user group
add name=read policy=local,telnet,ssh,reboot,read,test,winbox,password,web,sniff,!ftp,!write,!policy
add name=write policy=local,telnet,ssh,reboot,read,write,test,winbox,password,web,sniff,!ftp,!policy
add name=full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff
/user
add address=0.0.0.0/0 comment="system default user" disabled=no group=full name=admin
/interface bridge settings
set use-ip-firewall=yes use-ip-firewall-for-vlan=no
/interface ethernet mirror
set mirror-port=none source-port=none
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=default-encryption enabled=no max-mru=1460 max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=default enabled=no keepalive-timeout=60 mac-address=FE:D7:22:1A:5C:0A max-mtu=1500 mode=ip netmask=24 port=1194
require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor= filter-mac=00:00:00:00:00:00 frame-size=300 frames-per-second=25 receive-all=yes ssid-all=yes
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name="" memory-limit=10 multiple-channels=no only-headers=no receive-errors=no streaming-enabled=no streaming-max-rate=0 streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=192.168.21.1/24 broadcast=192.168.21.255 comment="" disabled=no interface=WLan1 network=192.168.21.0
add address=192.168.2.180/24 broadcast=192.168.2.255 comment="" disabled=no interface=Lan1 network=192.168.2.0
/ip dhcp-server config
set store-leases-disk=5m
/ip dns
set allow-remote-requests=no cache-max-ttl=1w cache-size=2048KiB max-udp-packet-size=512 primary-dns=0.0.0.0 secondary-dns=0.0.0.0
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s tcp-close-wait-timeout=10s tcp-established-timeout=1d tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s tcp-syn-received-timeout=5s
tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
/ip hotspot service-port
set ftp disabled=no ports=21
/ip neighbor discovery
set Lan1 discover=yes
set ether2 discover=yes
set ether3 discover=yes
set WLan1 discover=no
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 cache-on-disk=no enabled=no max-cache-size=unlimited max-client-connections=600 max-fresh-time=3d max-server-connections=600 parent-proxy=
0.0.0.0 parent-proxy-port=0 port=8080 serialize-connections=no src-address=0.0.0.0
/ip route
add disabled=no distance=1 dst-address=192.168.1.0/24 gateway=192.168.21.2 scope=30 target-scope=10
/ip route rule
add action=lookup comment="" disabled=no dst-address=192.168.1.0/24 table=main
/ip service
set telnet address=0.0.0.0/0 disabled=no port=23
set ftp address=0.0.0.0/0 disabled=no port=21
set www address=0.0.0.0/0 disabled=no port=80
set ssh address=0.0.0.0/0 disabled=no port=22
set www-ssl address=0.0.0.0/0 certificate=none disabled=yes port=443
set api address=0.0.0.0/0 disabled=yes port=8728
set winbox address=0.0.0.0/0 disabled=no port=8291
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes
/ipv6 nd
add advertise-mac-address=yes disabled=no hop-limit=unspecified interface=all mtu=unspecified ra-delay=3s ra-interval=3m20s-10m ra-lifetime=30m reachable-time=unspecified retransmit-interval=unspecified
/ipv6 nd prefix default
set autoconfig=yes on-link=yes preferred-lifetime=1w valid-lifetime=4w2d
/mpls
set dynamic-label-range=16-1048575
/mpls interface
add comment="" disabled=no interface=all mpls-mtu=1508
/mpls ldp
set distribute-for-default-route=no enabled=no hop-limit=255 loop-detect=no lsr-id=0.0.0.0 path-vector-limit=255 transport-address=0.0.0.0 use-explicit-null=no
/ppp aaa
set accounting=yes interim-update=0s use-radius=no
/queue interface
set Lan1 queue=ethernet-default
set ether2 queue=ethernet-default
set ether3 queue=ethernet-default
set WLan1 queue=wireless-default
/radius incoming
set accept=no port=3799
/routing igmp-proxy
set query-interval=2m5s query-response-interval=10s quick-leave=no
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m gateway-selection=no-gateway origination-interval=5s preferred-gateway=0.0.0.0 timeout=1m ttl=50
/routing ospf
set distribute-default=always-as-type-1 metric-bgp=20 metric-connected=20 metric-default=1 metric-rip=20 metric-static=20 mpls-te-area=unspecified mpls-te-router-id=unspecified redistribute-bgp=no
redistribute-connected=as-type-1 redistribute-rip=no redistribute-static=as-type-1 router-id=0.0.0.0
/routing pim
set switch-to-spt=no switch-to-spt-bytes=0 switch-to-spt-interval=0s
/routing rip
set distribute-default=always garbage-timer=2m metric-bgp=1 metric-connected=1 metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no redistribute-connected=yes redistribute-ospf=no
redistribute-static=yes timeout-timer=3m update-timer=30s
/routing rip neighbor
add address=192.168.1.180 disabled=no
/routing ripng
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no redistribute-connected=no redistribute-ospf=no redistribute-static=
no timeout-timer=3m update-timer=30s
/store
add comment="" disabled=no disk=system name=user-manager1 type=user-manager
add comment="" disabled=no disk=system name=web-proxy1 type=web-proxy
/system clock manual
set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start="jan/01/1970 00:00:00" time-zone=+00:00
/system console
add disabled=no port=serial0 term=vt102
/system gps
set enabled=no set-system-time=yes
/system health
set fan-mode=auto use-fan=main
/system identity
set name=AA
/system logging
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical
/system note
set note="" show-at-login=yes
/system ntp client
set enabled=no mode=unicast primary-ntp=196.4.160.4 secondary-ntp=0.0.0.0
/system ntp server
set broadcast=no enabled=no manycast=yes multicast=no
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0 user=""
/system watchdog
set auto-send-supout=no automatic-supout=no no-ping-delay=3m send-email-from=1 send-email-to=1 watch-address=none watchdog-timer=no
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=10
/tool e-mail
/tool graphing
set store-every=5min
/tool mac-server
add disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool sniffer
set file-limit=10 file-name="" filter-address1=0.0.0.0/0:0-65535 filter-address2=0.0.0.0/0:0-65535 filter-protocol=ip-only filter-stream=yes interface=all memory-limit=10 only-headers=no streaming-enabled=no
streaming-server=0.0.0.0
/tool user-manager customer
add comment="" disabled=no login=admin parent=admin password="" paypal-accept-pending=no paypal-allowed=no paypal-secure-response=no permissions=owner signup-allowed=no subscriber=admin time-zone=+00:00
/user aaa
set accounting=yes default-group=read interim-update=0s use-radius=no
[admin@AA] /ip route>


Thanks again for your effort to assist me

hmm.. interesting…

ummmmm where to from here?

wiki.mikrotik.com/wiki/Simple_Static_Routes_Example

Fresh.

Hi thanks for your assistance, but this is what i had already configured (albeit there were only 2 rb’s not 4. 192.168.2.2 and 192.168.1.69 were the actual pc and laptop IP’s) but it didnt work, as it I can only ping up to the gateway, but no further. ie. from the 192.168.1.x i can ping the gateway 192.168.21.1(Wlan on opposite RB) and the opposing ether1, but nothing else.

Am i not missing one additional static route out ie. Wlan1 to the ether1? (because it seems to go no further than the gateway ie opposite Wlan1)
Is EoIP an option?

Thanks ahead for the guidance

Check tracert output message if any, any antivirus and firewalls running, check routes on the PC and Laptop, check ping from Router1 to Router 2 (connect via WinBox to Router 1/2 and use the ping tool/command from there) …

have u tried to bridge them and add routes place one ap i ap-bridge mode and the other in station wds mode to be able to bridge them and simpe as it is add dhcp-server on ap-bridge (bridge all intefaces on both MK and than add ip to bridge and then add dhcp-server to ap that has ap-bridge and dhcp-client on MK 2) all config should be automaticly and u should be able to ping ass long sa u want each one of then since u’ll be on same subnet e.g. /24 and add 192.168.1.1/24 on bridge MK1 and just run dhcp-server/setup on MK1 on bridge