Hi all, I’m new on Mikrotik. I’ve read a lot but I’ve a problem and hope if anybody could help me please!
I have next infrastructure at home:
Both MiGo (for heating) & Airzone (for air conditioner) are WiFi thermostats which can be controlled via Android Apps remotely. Both are registered into their relevant manufacturer cloud platforms to allow connect from any site.
As both devices work through cloud platforms, no need to map any port on router NAT
I’ve changed my FTTH connection at home from Orange to Vodafone
-Orange runs as DHCP directly on VLAN832
-Vodafone runs on PPPoE service with user/password authentication on VLAN24
I use this configuration for orange connection and everything worked Ok:
# dec/22/2017 01:16:25 by RouterOS 6.42rc39
# software id = F1YB-5JF0
#
# model = RouterBOARD 750G r2
# serial number = XXXXXXXXXXXX
/interface bridge
add admin-mac=XX:XX:XX:XX:XX:XX auto-mac=no comment=\
"created from master port" name=bridge1 protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] name=eth1-wan
set [ find default-name=ether2 ] name=eth2-lan-master
set [ find default-name=ether3 ] name=eth3-lan
set [ find default-name=ether4 ] name=eth4-lan
set [ find default-name=ether5 ] name=eth5-lan
/interface vlan
add interface=eth1-wan mtu=1492 name=vlan832 vlan-id=832
/interface list
add exclude=dynamic name=discover
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=DHCP_LAN_IPv4 ranges=192.168.1.200-192.168.1.254
/ip dhcp-server
add address-pool=DHCP_LAN_IPv4 authoritative=after-2sec-delay disabled=no \
interface=bridge1 lease-time=1d name=DHCP_Server
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0
/interface bridge port
add bridge=bridge1 interface=eth3-lan
add bridge=bridge1 interface=eth4-lan
add bridge=bridge1 interface=eth5-lan
add bridge=bridge1 interface=eth2-lan-master
/ip neighbor discovery-settings
set discover-interface-list=discover
/interface list member
add interface=bridge1 list=discover
add interface=eth3-lan list=discover
add interface=eth4-lan list=discover
add interface=eth5-lan list=discover
add interface=eth2-lan-master list=discover
add list=discover
/ip address
add address=192.168.1.1/24 interface=bridge1 network=192.168.1.0
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=vlan832
/ip dhcp-server lease
add address=192.168.1.2 client-id=1:yy:yy:yy:yy:yy:yy comment=AP_Ubiquiti \
mac-address=YY:YY:YY:YY:YY:YY server=DHCP_Server
add address=192.168.1.4 client-id=1:zz:zz:zz:zz:zz:zz comment=NAS_Synology \
mac-address=ZZ:ZZ:ZZ:ZZ:ZZ:ZZ server=DHCP_Server
/ip dhcp-server network
add address=192.168.1.0/24 gateway=192.168.1.1
/ip dns
set allow-remote-requests=yes
/ip firewall filter
add action=fasttrack-connection chain=forward comment=\
"Forward - Fasttrack established & related" connection-state=\
established,related
add action=accept chain=forward comment=\
"Forward - Allow established & related" connection-state=\
established,related
add action=accept chain=input comment="Input - Allow established & related" \
connection-state=established,related
add action=drop chain=input comment="Input - Drop WAN invalid" \
connection-state=invalid in-interface=vlan832
add action=drop chain=forward comment="Forward - Drop WAN invalid" \
connection-state=invalid in-interface=vlan832
add action=accept chain=input comment="Input - Allow ping" protocol=icmp
/ip firewall nat
add action=masquerade chain=srcnat out-interface=vlan832
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set sip disabled=yes
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www port=8001
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip smb shares
set [ find default=yes ] directory=/pub
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=bridge1 type=internal
add interface=eth4-lan type=internal
add interface=eth3-lan type=internal
/system clock
set time-zone-name=Europe/Madrid
/system ntp client
set enabled=yes server-dns-names=pool.ntp.org
/system package update
set channel=release-candidate
/system routerboard settings
set silent-boot=no
/tool bandwidth-server
set enabled=no
/tool graphing interface
add
/tool graphing queue
add
I can navigate, access to Webserver in the NAS which is connected through Ethernet wire, and I can access to both thermostats running Migo App or AirzoneCloud App from my phone
So, I’ve modified Orange connection ONLY to add PPPoE client for Vodafone connection:
# dec/22/2017 01:14:12 by RouterOS 6.42rc39
# software id = F1YB-5JF0
#
# model = RouterBOARD 750G r2
# serial number = XXXXXXXXXXXX
/interface bridge
add admin-mac=XX:XX:XX:XX:XX:XX auto-mac=no comment=\
"created from master port" name=bridge1 protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] name=eth1-wan
set [ find default-name=ether2 ] name=eth2-lan-master
set [ find default-name=ether3 ] name=eth3-lan
set [ find default-name=ether4 ] name=eth4-lan
set [ find default-name=ether5 ] name=eth5-lan
/interface vlan
add interface=eth1-wan mtu=1492 name=vlan24 vlan-id=24
/interface pppoe-client
add add-default-route=yes default-route-distance=0 disabled=no interface=\
vlan24 name=pppoe-out1 password=XXXXXXXX user=XXXXXXXXXXXX
/interface list
add exclude=dynamic name=discover
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=DHCP_LAN_IPv4 ranges=192.168.1.200-192.168.1.254
/ip dhcp-server
add address-pool=DHCP_LAN_IPv4 authoritative=after-2sec-delay disabled=no \
interface=bridge1 lease-time=1d name=DHCP_Server
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0
/interface bridge port
add bridge=bridge1 interface=eth3-lan
add bridge=bridge1 interface=eth4-lan
add bridge=bridge1 interface=eth5-lan
add bridge=bridge1 interface=eth2-lan-master
/ip neighbor discovery-settings
set discover-interface-list=discover
/interface list member
add interface=bridge1 list=discover
add interface=eth3-lan list=discover
add interface=eth4-lan list=discover
add interface=eth5-lan list=discover
add interface=eth2-lan-master list=discover
add interface=pppoe-out1 list=discover
/ip address
add address=192.168.1.1/24 interface=bridge1 network=192.168.1.0
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=vlan24
/ip dhcp-server lease
add address=192.168.1.2 client-id=1:yy:yy:yy:yy:yy:yy comment=AP_Ubiquiti \
mac-address=YY:YY:YY:YY:YY:YY server=DHCP_Server
add address=192.168.1.4 client-id=1:zz:zz:zz:zz:zz:zz comment=NAS_Synology \
mac-address=ZZ:ZZ:ZZ:ZZ:ZZ:ZZ server=DHCP_Server
/ip dhcp-server network
add address=192.168.1.0/24 gateway=192.168.1.1
/ip dns
set allow-remote-requests=yes
/ip firewall filter
add action=fasttrack-connection chain=forward comment=\
"Forward - Fasttrack established & related" connection-state=\
established,related
add action=accept chain=forward comment=\
"Forward - Allow established & related" connection-state=\
established,related
add action=accept chain=input comment="Input - Allow established & related" \
connection-state=established,related
add action=drop chain=input comment="Input - Drop WAN invalid" \
connection-state=invalid in-interface=pppoe-out1
add action=drop chain=forward comment="Forward - Drop WAN invalid" \
connection-state=invalid in-interface=pppoe-out1
add action=accept chain=input comment="Input - Allow ping" protocol=icmp
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-out1
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set sip disabled=yes
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www port=8001
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip smb shares
set [ find default=yes ] directory=/pub
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=bridge1 type=internal
add interface=eth4-lan type=internal
add interface=eth3-lan type=internal
/system clock
set time-zone-name=Europe/Madrid
/system ntp client
set enabled=yes server-dns-names=pool.ntp.org
/system package update
set channel=release-candidate
/system routerboard settings
set silent-boot=no
/tool bandwidth-server
set enabled=no
/tool graphing interface
add
/tool graphing queue
add
And I have a problem: None of the thermostats can be reached. Rest of network features works ok.
I’m currently not using Mikrotik due to this issue. I’m using Vodafone router (Router WiFi options disabled and connected to same Ubiquiti AP to serve WiFi signal)
and both devices work successfully!! Obviously is some kind of routing which I don’t understand because I only have aded PPPoE interface and I’m not able to find it.
Any idea or test to be done?
Thanks!!