<t>Hello,<br/>
I am new to Mikrotik, may you help ... ?<br/>
Current Scenario : LAN > ASUS Router {Tomato Firmware in "Router Mode" NOT "Gateway Mode" > SXT LTE > WAN > ISP<br/>
{ASUS provides WIFI & DHCP server & runs Adblock}<br/>
All works good.<br/>
<br/>
Question: Is it possible to replace the ASUS with Mikrotik RB2011UiAS-2HnD-IN with same setup, minus the Adblock (which I can do on a Raspberry PI).<br/>
Thanks in advance,</t>

I dont see why not.
The only queston I have is why choose any particular model for the router, (what are your requirements))

Great.
Requirements - basic small office / home.
Next question, is their a setup guide for this, or what is the equivalent Mikrotik mode to Router mode only, NOT Gateway mode ?

Mikrotik is not a consumer oriented plugNplay router.
It does come with a default setup that is secure and is up and running right away.
Plug your WAN cable into ether1 and your LAN into 2,3,4,5 etc and you are up and running on 192.168.88.1 network.
That is the quickset format and simply works!

Then you will want to start tweaking the setup and you must tread slowly. One area at a time.
There is a safe mode at the top of winbox that I use. whenever I do something that is illegal (would lock me out and have to reset to defaults and start over) the router simply kicks me out and allows me to log back in as if I were at the point before doing the stupid config change.

Yes, please download and use winbox as your front end tool to configure the router.!!!

As for router................ assuming you want it to be a wifi router then the hap ac2 is a decent choice.
If you are a power user the RB4011 is a beast!!

Personally I am not a fan of combining my wifi and router in one because wifi changes more rapidly and I like to put it where it makes most sense for wifi.
For wired home office I would look at the RB450Gx4 router board (plus enclosure and power supply) and again of course the beast RB4011 (non wifi variant).



Depends a lot on expectations and usage................

Thank you for the time you invested in your reply, of which I do not wish to seem disrespectful. Thank you also for the recommendation of "hap ac2", may I ask if you recommend it over the "rb2011UiAS-2HnD-IN" ? I have a wifi LAN only.

However, as I have stated I have a SXT LTE, implying I have used Winbox for my current setup.
What I need is direction as to what tweak to make first to have the new Mikrotik perform as a "router" only ie no NAT and no firewall or is it as simple as un-ticking these boxes ?
I am not asking for babysitter...

Sorry Gerry, I have no experience with SXT so didnt realize you were conversant so to speak.
I gather you are getting internet then from wifi and your router is an ALL IN ONE unit distributing wired and wifi interent to your home/office.
You probably know more than I, so I am probably of no much further help, other than to say I would never setup my router without a firewall.

It's a router, it routes by default anything it knows how and where. So if all you need is simple router without NAT and anything, then:
1) Create bridge for LAN and add all interfaces except the one connected to SXT.
2) Addresses and routing: 3) Use the helpful "DHCP Setup" button in IP->DHCP Server for nice step-by-step config.
4) Basic wifi AP config is something like:

No Problem & thanks for trying.
For anyone else - I will detail a little more clear.
Current Setup : ISP > SXT LTE (3G internet connection) > Physical ethernet cable to ASUS Router (running Tomato in "Router Mode" NOT "Gateway Mode" > WIFI internet connection.
Firewall IS running on SXT LTE with enabled DHCP server AND NAT. Firewall is disabled on ASUS, but has enabled DHCP server.

It may be useful to post your SXT config then, but only if you are having issues down the line.

Hello (again..) I purchased a hap ac2 (192.168.2.1). To avoid any setup errors - I did a fresh install (routeros-arm-6.44.3) via Netinstall & did not use QuickSet.
I manually set up all as per "https://wiki.mikrotik.com/wiki/Manual:I ... figuration" excluding wifi (I will do later).
I "think" I followed the above instruction (thank you).
I can ping SXT (192.168.88.1).
Problem(s): I cannot ping 1.1.1.1 or do I have internet access.

Any direction as how to narrow the problem is much appreciated,
{The SXT setup works perfect with my ASUS router, so I only wish to change the hap ac2 setup}

SXT LTE Config
hap ac2 config

I am not really sure you are successfully pinging the SXT (192.168.88.1) as both devices have that same IP config on ether1 interfaces, so your config seems totally incorrect .

You already have a "router / firewall / DHCP / etc" in the SXT, why not make the Hap AC2 a "switch+AP" only device?

See topic below, @vecernik87 even provided a cool script to do all the config for you, for this exact model device you have, Hap AC2.

viewtopic.php?f=2&t=149144

Thank You for direction. It was incorrect. I did think something was wrong with the ping time, it was also incorrect.
I believe its fixed. Working for one day with no issue...
Thank you for the alternative suggestion, but if I did that I would learn less...

@Sob by using DHCP client "add address=<internal address>/<mask> interface=<internal interface (bridge)>" was done automatically. Is this correct ?

General question: I have set-up static ip addresses in the DHCP server & they work as expected.
When a device requests a static ip (that it is free) it gets it & works as expected.
However it does not display this static ip in the DHCP server / Leases. Is it possible to display them here (they appear under Torch).

hapac2 -
SXT Lte

Yes, DHCP client does add address.

And I don't understand the part about static leases. They are in same list as dynamic ones. So if you defined them and they work, they can't be there more than they already are. There's probably some misundestanding here.