Community discussions

MikroTik App
 
pohutukawa
newbie
Topic Author
Posts: 45
Joined: Mon Oct 03, 2011 6:55 am

(SOLVED) - Router has internet, but not LAN clients (PPPoE fibre connection)

Wed Jun 22, 2016 11:02 am

Hello all

RB750 with brand new setup.

Following basic config, the RB750 (running v6.34.6) can connect via a PPPoE connection on fibre and appears to correctly assume the connection's fixed IP and pick up the DNS servers.

Via tools on the router, using WinBox, I can ping google.com and perform traceroutes, no problem.

On the client, via DHCP on the LAN port, a LAN IP (17.16.10.200) is assigned, with 255.255.255.0 subnet and router at 172.16.10.1 (DNS is same IP).

However, the client has no internet. From a terminal I can nslookup OK (e.g. google.com → IP#) but nothing else.

I feel like I'm missing something pretty basic, but can't figure out what it is!

Any help much appreciated. I have attached a few screenshots.

Thank you!

Robin
You do not have the required permissions to view the files attached to this post.
Last edited by pohutukawa on Sat Jun 25, 2016 11:09 am, edited 2 times in total.
 
User avatar
cdiedrich
Forum Veteran
Forum Veteran
Posts: 997
Joined: Thu Feb 13, 2014 2:03 pm
Location: Basel, Switzerland // Bremen, Germany
Contact:

Re: Router has internet, but not LAN clients (PPPoE fibre connection)

Wed Jun 22, 2016 11:29 am

Check your NAT rules.
I could bet the default masquerade rule has ether1 (WAN) configured as out-interface.
Switch it to your PPPoE client (UFB)

It should look like this:
/ip firewall nat
add action=masquerade chain=srcnat dst-address=0.0.0.0/0 out-interface=UFB

-Chris
 
pohutukawa
newbie
Topic Author
Posts: 45
Joined: Mon Oct 03, 2011 6:55 am

Re: Router has internet, but not LAN clients (PPPoE fibre connection)

Thu Jun 23, 2016 12:34 am

Hi Chris

Thank you for the prompt and super-helpful reply. You were correct! I'm up and running now.

So the NAT rules (and I guess, the filters) need to be applied to the (virtual) interface itself, being the last "link" (I could be guilty of mixing terminology here that has special meaning elsewhere)?

Best wishes

Robin
Check your NAT rules.
I could bet the default masquerade rule has ether1 (WAN) configured as out-interface.
Switch it to your PPPoE client (UFB)

It should look like this:
/ip firewall nat
add action=masquerade chain=srcnat dst-address=0.0.0.0/0 out-interface=UFB

-Chris
 
pohutukawa
newbie
Topic Author
Posts: 45
Joined: Mon Oct 03, 2011 6:55 am

Re: Router has internet, but not LAN clients (PPPoE fibre connection)

Thu Jun 23, 2016 3:39 am

Followup question!

I will be moving this Mikrotik to a fibre connection that requires VLAN tagging (VLAN10).

In this case, it would seem I need to:

1. Rename ether1 "WAN"

2. Add VLAN (name="VLAN10" ID=10) with interface="WAN"

3. Add PPPoE client (name="UFB") with interface="VLAN10"

4. Firewall NAT rule as below with interface "UFB"

Is my logic correct?

Cheers
Robin
Check your NAT rules.
I could bet the default masquerade rule has ether1 (WAN) configured as out-interface.
Switch it to your PPPoE client (UFB)

It should look like this:
/ip firewall nat
add action=masquerade chain=srcnat dst-address=0.0.0.0/0 out-interface=UFB

-Chris
 
User avatar
cdiedrich
Forum Veteran
Forum Veteran
Posts: 997
Joined: Thu Feb 13, 2014 2:03 pm
Location: Basel, Switzerland // Bremen, Germany
Contact:

Re: Router has internet, but not LAN clients (PPPoE fibre connection)

Thu Jun 23, 2016 12:07 pm

Glad to hear it works.
Yes, you need to adjust your fw rules to the corresponding interfaces.

For your follow up question:
There's no need to rename interfaces - you can also name them "Harry" or "Garage".
Correct with the vlan and the assignment of the PPPoE client to it.
And of course with the rules. But in case you just move your PPPoE client from ether1 to vlan10, there's no need to adjust any rules because the referenced interface is still the same.

Cheers
-Chris
 
pohutukawa
newbie
Topic Author
Posts: 45
Joined: Mon Oct 03, 2011 6:55 am

Re: Router has internet, but not LAN clients (PPPoE fibre connection)

Fri Jun 24, 2016 12:45 pm

Thanks Chris. All looking good now. Tested and working!

Cheers

Robin
Glad to hear it works.
Yes, you need to adjust your fw rules to the corresponding interfaces.

For your follow up question:
There's no need to rename interfaces - you can also name them "Harry" or "Garage".
Correct with the vlan and the assignment of the PPPoE client to it.
And of course with the rules. But in case you just move your PPPoE client from ether1 to vlan10, there's no need to adjust any rules because the referenced interface is still the same.

Cheers
-Chris
 
mikemccharles
Trainer
Trainer
Posts: 18
Joined: Thu May 26, 2016 12:55 pm
Location: Nairobi, Kenya
Contact:

Re: Router has internet, but not LAN clients (PPPoE fibre connection)

Mon Jul 04, 2016 9:44 am

Check your NAT rules.
I could bet the default masquerade rule has ether1 (WAN) configured as out-interface.
Switch it to your PPPoE client (UFB)

It should look like this:
/ip firewall nat
add action=masquerade chain=srcnat dst-address=0.0.0.0/0 out-interface=UFB

-Chris

Who is online

Users browsing this forum: No registered users and 14 guests