Community discussions

MUM Europe 2020
 
bosal
just joined
Topic Author
Posts: 10
Joined: Sat Feb 06, 2016 12:30 am

Restricting access to router before MikroTik, and WiFi not working as it should... help needed.

Sun Feb 14, 2016 2:28 am

Hello,
I managed to set up a MikroTik router for our restaurant. I have two problems:

1. I would like to block access for our customers using Hotspot to try accessing DSL Modem.
2. I've set up Wireless in my home, and it worked as it should but when I've moved the router to the destination location I can't connect to it. I'm using a MacBook.

Ok so my setup is like this:

DSL Router with DHCP server (192.168.1.1) -> MikroTiK
Mikrotik config:
  • ether1 - a DHCP Client for the DSL router (WAN)
    ether2 - a DHCP Server for LAN 192.168.2.0/24
    ether3 - a DHCP Server for TP-Link Router with the Hotspot 192.168.4.0/24
    ether4 - off
    ether5 - off
    wlan1 - bridged with ether2
TP-Link Router (on DD-WRT):
DHCP Server 192.168.5.0/24 - using 2 ethernet ports for Apple TV
On WiFi there is a Hotspot DHCP Server 192.182.1.0 (or something like that)

I do not want my clients connected to the Hotspot to try to hack in to Mikrotik - I manged to do that using Firewall rules. But also I do not want for them to have access to the DSL router as it security is weak but it's also WAN gateway.

I would like to connect to the service Wireless but I can't with my macos :/ I could in my home, and almost nothing changed.

How to make this happen and how to fix the WiFi problem ?
 
kiaunel
Member Candidate
Member Candidate
Posts: 211
Joined: Mon Jul 21, 2014 7:59 pm
Location: Romania

Sun Feb 14, 2016 7:00 am

Why don't you make modem in bridge and have the ISP connection on mikrotik? Or how the clients can access the DSL? It has not a password? You can d add a drop forward rule with source hotspot subnet destination gateway proto TCP dstport 80 if 80 is the port of web management interface of DSL.

Sent from my Lenovo K50-t5 using Tapatalk
 
bosal
just joined
Topic Author
Posts: 10
Joined: Sat Feb 06, 2016 12:30 am

Re: Restricting access to router before MikroTik, and WiFi not working as it should... help needed.

Sun Feb 14, 2016 4:12 pm

I've made a mistake it's a ADSL modem, so this is why :( Mikrotik has no port for telephone cable.
 
kiaunel
Member Candidate
Member Candidate
Posts: 211
Joined: Mon Jul 21, 2014 7:59 pm
Location: Romania

Sun Feb 14, 2016 5:10 pm

OK then block incoming connection from wlan to modem IP DST port 80
adapt this rule for you
 ip firewall filter add chain=forward protocol=tcp dst-port=80 dst-address=xxx.xxx.xxx.xxx in-interface=wlan1 out-interface=ether1-gateway action=drop  
you can use on dst-address=!youripaddress to block all subnet but allow you if you have static ip
Sent from my Lenovo K50-t5 using Tapatalk
 
bosal
just joined
Topic Author
Posts: 10
Joined: Sat Feb 06, 2016 12:30 am

Re: Restricting access to router before MikroTik, and WiFi not working as it should... help needed.

Sun Feb 14, 2016 8:42 pm

Wan't it block the internet connection ?
 
Pea
Member Candidate
Member Candidate
Posts: 192
Joined: Fri Jul 17, 2015 11:07 pm
Location: Czech

Re: Restricting access to router before MikroTik, and WiFi not working as it should... help needed.

Sun Feb 14, 2016 9:01 pm

Put your ADSL modem into BRIDGE mode. Then make PPPoE client in your Mikrotik to dial your ADSL.
Then your ADSL modem will be invisible for your customers.

telephone wire RJ11 <=> RJ11 bridge ADSL modem RJ45 <=> RJ45 WAN Mikrotik router
 
kiaunel
Member Candidate
Member Candidate
Posts: 211
Joined: Mon Jul 21, 2014 7:59 pm
Location: Romania

Sun Feb 14, 2016 9:31 pm

No it will not block internet connection. It will only block request coming from wireless interface to modem who want to connect to modem IP on port 80 witch is the management interface of the modem

Sent from my Lenovo K50-t5 using Tapatalk
 
bosal
just joined
Topic Author
Posts: 10
Joined: Sat Feb 06, 2016 12:30 am

Re: Restricting access to router before MikroTik, and WiFi not working as it should... help needed.

Sun Feb 14, 2016 10:28 pm

@Plea I don't kno if it can be done as the internet provider gices me only a user account on the router, I can change few thing but not all of them. I will check it up.

@Kianuel - I will check it tomorrow

Guys any ideas regarding the WiFi access problems on my mac ?
 
kiaunel
Member Candidate
Member Candidate
Posts: 211
Joined: Mon Jul 21, 2014 7:59 pm
Location: Romania

Sun Feb 14, 2016 10:49 pm

What problems?

Sent from my Lenovo K50-t5 using Tapatalk
 
bosal
just joined
Topic Author
Posts: 10
Joined: Sat Feb 06, 2016 12:30 am

Re: Restricting access to router before MikroTik, and WiFi not working as it should... help needed.

Sun Feb 14, 2016 11:03 pm

I've described them in the first post ;)
 
kiaunel
Member Candidate
Member Candidate
Posts: 211
Joined: Mon Jul 21, 2014 7:59 pm
Location: Romania

Sun Feb 14, 2016 11:13 pm

No idea but if you can connect with cable try to log wireless and dhcp maybe you will see what is happening.

Sent from my Lenovo K50-t5 using Tapatalk
 
bosal
just joined
Topic Author
Posts: 10
Joined: Sat Feb 06, 2016 12:30 am

Re: Restricting access to router before MikroTik, and WiFi not working as it should... help needed.

Sun Feb 14, 2016 11:26 pm

Where can I set it up ? As the main log is not so detailed.
 
bosal
just joined
Topic Author
Posts: 10
Joined: Sat Feb 06, 2016 12:30 am

Re: Restricting access to router before MikroTik, and WiFi not working as it should... help needed.

Mon Feb 15, 2016 10:23 pm

I'm sorry to say but your rule doesn't work :/
 
kiaunel
Member Candidate
Member Candidate
Posts: 211
Joined: Mon Jul 21, 2014 7:59 pm
Location: Romania

Re: Restricting access to router before MikroTik, and WiFi not working as it should... help needed.

Mon Feb 15, 2016 10:30 pm

please be more specific... why is not working? syntax? or do not block your traffic? Make sure you inserted rule before forward accept all
for logging
sys logging add topics=wireless action=memory
 
bosal
just joined
Topic Author
Posts: 10
Joined: Sat Feb 06, 2016 12:30 am

Re: Restricting access to router before MikroTik, and WiFi not working as it should... help needed.

Tue Feb 16, 2016 6:18 pm

It doesn't block traffic. I will try to move the rule on the top of rules.

Who is online

Users browsing this forum: No registered users and 38 guests