Community discussions

MikroTik App
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Wed Feb 21, 2018 3:04 pm

[Fixed] Sudden loss of connectivity on wireless default wlan

Sun Mar 11, 2018 9:41 pm

[i]Note: this has been fixed- 'wlan1' had gotten disconnected from the bridge by mistake and it wasn't obvious at first what had happened.
The rest of the setup is very generic but I made some changes which may not have been the best decisions, still finding my way around. Feel free to make suggestions. I'm particularly interested in the best way to add additional subnets that dont share multicast with the wireless devices. Currently doing it with a simple extra subnet - and generic ethernet, layer 3.[/i]

original post:
I have what I think is the default wlan setup as generated by quickset, but inexplicably the wireless clients do not seem to be on the bridge and cannot ping the default gateway and home DNS server on the configured net. How can I verify that the default gateway and bridge is configured correctly? I am running the very latest stable OS revision on a hAp lite. It was working yesterday.

I have removed the nonessentials and anonymized the IP and mac addresses

/interface ethernet
set [ find default-name=ether3 ] disabled=yes
/interface bridge
add admin-mac=CC:2D:XX:XX:XX:AC auto-mac=no comment=defconf fast-forward=no name=bridge protocol-mode=none
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-g/n channel-width=20/40mhz-Ce country="mycountry" disabled=no distance=indoors \
frequency=auto mode=ap-bridge ssid=myssid wireless-protocol=802.11 wps-mode=disabled
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys supplicant-identity=MikroTik
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=profile1 supplicant-identity=""
/ip pool
add name=default-dhcp ranges=
/ip dhcp-server
add address-pool=default-dhcp interface=bridge name=defconf
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf edge=no-discover interface=*7
/interface bridge settings
set use-ip-firewall=yes
/ip neighbor discovery-settings
set discover-interface-list=LAN
/ip settings
set accept-source-route=yes allow-fast-path=no max-neighbor-entries=1024 route-cache=no rp-filter=loose
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/interface wireless access-list
add mac-address=XX:XX:XX:XX:XX:70 vlan-mode=no-tag
/ip address
add address= interface=ether2 network=
/ip arp
add address= interface=bridge mac-address=XX:XX:XX:XX:XX:61
add address= interface=bridge mac-address=XX:XX:XX:XX:XX:B7
/ip dhcp-client
add comment=defconf dhcp-options=clientid,clientid disabled=no interface=ether1 use-peer-dns=no use-peer-ntp=no
/ip dhcp-server network
add address= comment=defconf dns-server= gateway= netmask=24 ntp-server=\
/ip dns
set cache-max-ttl=6h max-concurrent-tcp-sessions=1 max-udp-packet-size=512 servers=
/ip dns static
add address= name=router.lan
add address= name=mydns.lan ttl=12h
/ip firewall filter
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=\
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMP" log=yes protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" disabled=yes ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=\
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=\
new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN

Who is online

Users browsing this forum: tomek242 and 59 guests