WIreless Station Mode - No internet on LAN side

souljazk · June 1, 2022, 8:17am

Hi there. I've tried to figure my way out of this issue, but no luck.

Desired result - Internet -> Hotel Router (192.168.110.0/24) -> My HAP-Ac2 (172.16.1.0/24) -> my devices (wired) 172.16.1.10-20

WLAN1 = connected to Hotel Wifi in station mode. CAN ping internet
ETH1 = PoE In via injector, LAN side goes to a dumb 8 port switch.
Bridge (172.16.1.1). CAN ping internet

PC - Gets IP (172.16.1.x ; DNS 1.1.1.2 ; 1.0.0.2) but can NOT get internet.

Thank you for your assistance!

Export:

jun/01/2022 10:05:00 by RouterOS 6.49.6

software id = removed

model = RBD52G-5HacD2HnD

serial number = removed

/interface bridge
add name=bridge1
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk,wpa2-eap management-protection=allowed mode=dynamic-keys name=profile1-wifi supplicant-identity="" wpa2-pre-shared-key=removed
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-onlyn country="removed" disabled=no frequency=2442 installation=indoor security-profile=profile1-wifi ssid=3D
set [ find default-name=wlan2 ] band=5ghz-n/ac country="removed" installation=indoor security-profile=profile1-wifi ssid=test
/ip pool
add name=dhcp_pool0 ranges=172.16.1.2-172.16.1.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=bridge1 lease-time=1d name=dhcp1
/interface bridge port
add bridge=bridge1 interface=all
/interface detect-internet
set detect-interface-list=all internet-interface-list=all lan-interface-list=all wan-interface-list=all
/ip address
add address=172.16.1.1/24 interface=bridge1 network=172.16.1.0
/ip dhcp-client

DHCP client can not run on slave interface!

add disabled=no interface=wlan1
/ip dhcp-server network
add address=172.16.1.0/24 dns-server=192.168.110.1,1.1.1.2,1.0.0.2 gateway=172.16.1.1
/ip firewall nat
add action=masquerade chain=srcnat src-address=172.16.1.0/24 src-address-list=""
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
set api-ssl disabled=yes
/system clock
set time-zone-name=removed
[Principle@MikroTik] >

Ca6ko · June 1, 2022, 8:59am

/interface bridge port
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=wlan2

souljazk · June 1, 2022, 10:05am

Thank you for your assistance Ca6ko.

I've removed all entries under Bridge - ports & ran the commands you provided in the terminal. These are accepted as you can see in the export below.

The bridge can no longer ping 1.1.1.1. As soon as I add the bridge, then the bridge can ping 1.1.1.1.

Export:

jun/01/2022 12:00:59 by RouterOS 6.49.6

software id = Removed

model = RBD52G-5HacD2HnD

serial number = Removed

/interface bridge
add name=bridge1
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk,wpa2-eap management-protection=allowed mode=dynamic-keys name=profile1-wifi supplicant-identity="" wpa2-pre-shared-key=Removed
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-onlyn country="Removed" disabled=no frequency=2442 installation=indoor security-profile=profile1-wifi ssid=3D
set [ find default-name=wlan2 ] band=5ghz-n/ac country="Removed" installation=indoor security-profile=profile1-wifi ssid=test
/ip pool
add name=dhcp_pool0 ranges=172.16.1.2-172.16.1.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=bridge1 lease-time=1d name=dhcp1
/interface bridge port
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=wlan2
/interface detect-internet
set detect-interface-list=all internet-interface-list=all lan-interface-list=all wan-interface-list=all
/ip address
add address=172.16.1.1/24 interface=bridge1 network=172.16.1.0
/ip dhcp-client
add disabled=no interface=wlan1
/ip dhcp-server network
add address=172.16.1.0/24 dns-server=192.168.110.1,1.1.1.2,1.0.0.2 gateway=172.16.1.1
/ip firewall nat
add action=masquerade chain=srcnat src-address=172.16.1.0/24 src-address-list=""
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
set api-ssl disabled=yes
/system clock
set time-zone-name=Removed

erlinden · June 1, 2022, 10:23am

Do you get an IP address in the DHCP client?

souljazk · June 1, 2022, 10:47am

EDIT: I rebooted my HAP Ac2 and I do have internet on the LAN now Thank you @Ca6ko. DESPITE the bridge not being able to ping 1.1.1.1. Is this expected?

HI erlinden

Yes I do (WLAN1 192.168.110.48/24) which is part of the hotels IP range. It displays the following:
IP/ DHCP Server / Networks
Gateway 192.168.110.1
DHCP server 192.168.110.1
Primary DNS 192.168.110.1
Secondary DNS - N/A

On my windows device I get:

Ethernet adapter Ethernet:

Connection-specific DNS Suffix . :
IPv4 Address. . . . . . . . . . . : 172.16.1.254
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.16.1.1

erlinden · June 1, 2022, 11:17am

I think if you want to test ping on your router, you should select the WAN interface. Bridge isn’t able to ping 1.1.1.1 on my RB box as well.

souljazk · June 2, 2022, 11:50am

Thank you erlinden for the info & confirming the bring ping "issue'.