Winbox Quick Set strange Local network IP

idanmikos · March 28, 2020, 9:25pm

Hi all,

Newbie but willing to learn, configured a Hex3 as router with two WAN’s, ISP1 and ISP2 on ethernet1 and 2 with failover.
Here is is my config

# mar/28/2020 22:43:00 by RouterOS 6.46.4
# software id = L5WD-NLXH
#
# model = RouterBOARD 750G r3
# serial number = 6Fxxxxxx1
/interface bridge
add admin-mac=6C:xx:xx:xx:xx:xx arp=proxy-arp auto-mac=no comment=defconf \
    name=bridge
/interface ethernet
set [ find default-name=ether1 ] comment=ISP1 name=ether1-ISP1
set [ find default-name=ether2 ] comment=ISP2 name=ether2-ISP2
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
add name=VPN_pool ranges=192.168.88.101-192.168.88.110
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name=defconf
/ppp profile
add dns-server=xxx.y.y.z,xxx.y.y.w local-address=VPN_pool name=\
    VPN_profile remote-address=VPN_pool
/interface bridge port
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1-ISP1 list=WAN
/interface pptp-server server
set authentication=chap,mschap1,mschap2 default-profile=VPN_profile enabled=\
    yes mrru=1600
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
    192.168.88.0
add address=x.y.z.69/24 interface=ether1-ISP1 network=5.2.255.0
add address=192.168.z.ww/24 interface=ether2-ISP2 network=192.168.z.0
/ip dhcp-client
add comment=defconf
/ip dhcp-server lease
add address=192.168.88.36 client-id=1:0:aa:aa:ed:16:46 comment=\
    "Brother" mac-address=00:80:77:xx:zz:46 server=defconf
add address=192.168.88.23 client-id=1:0:aa:aa:d0:bf:15 mac-address=\
    00:10:20:D0:xx:zz server=defconf
add address=192.168.88.100 client-id=1:aa:aa:aa:e2:f1:bf comment=\
    "Dell" mac-address=74:E6:dd:vv:ff:BF server=defconf
add address=192.168.88.105 client-id=1:ff:fdf:zz:cc:ww:ad comment=\
    "Dell 2" mac-address=74:hh:hh:gg:23:AD server=defconf
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=\
    2xx.rrr.g.gg,2xx.rrr.g.1,1aa.vvv.a.31,1aa.vvv.a.30
/ip dns static
add address=192.168.88.1 name=router.lan
/ip firewall filter
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=accept chain=input comment="PPPT VPN" dst-port=1723 protocol=tcp
add action=accept chain=input comment=winbox dst-port=8291 protocol=tcp
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
    in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
    ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
    ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related
add action=accept chain=forward comment=\
    "defconf: accept established,related, untracked" connection-state=\
    established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=drop chain=forward comment=\
    "defconf:  drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
    ipsec-policy=out,none out-interface=ether1-ISP1
add action=masquerade chain=srcnat out-interface=ether2-ISP2
/ip route
add distance=1 gateway=x.y.aa.1
add check-gateway=ping distance=2 gateway=192.168.8.1
/ip service
set www-ssl address=192.168.88.0/24
/ip smb
set domain=HOMEGROUP
/ip ssh
set forwarding-enabled=remote
/ppp secret
add name=ppp1 profile=VPN_profile service=pptp
/system clock
set time-zone-name=Europe/Bucharest
/system identity
set name=netisol
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN

The router works well since 2 months but today I have just noticed in Winbox Quick Set that Local Network IP is in fact the second ISP’s IP.
If I connect to my router from some LAN desktop via browser, I use the correct IP 192.168.88.1 address and it works.
Attached is a screenshot of Quick Set.
Any clues on what may be wrong with my router config?

Thank you.
Dan
Annotation 2020-03-28 231322.jpg

Sob · March 28, 2020, 10:09pm

Simple rule is that once you do any change outside of Quick Set, you should forget that it exists and not use it again. If you do, it can break your config, because it can’t support all possible changes you do elsewhere.

idanmikos · March 28, 2020, 10:36pm

Fact is that I didn’t used Quick Set at all after configuring the router through IP-, Interfaces- and all other menus.
I have to mention that I have not used CLI, just winbox menus.

Sob · March 28, 2020, 11:14pm

Even better, then just ignore it completely and live happily ever after.