Community discussions

MikroTik App
 
tesme33
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 65
Joined: Mon May 26, 2014 10:25 pm

hEXr3, 6.44.2 bridge mode

Thu Apr 11, 2019 9:59 pm

Hi
when im using the Quickset from a plain hEX(e.g. no own config) with 6.44.1/2 and set there bridge mode , dhcp based adress retrieval, i have the following effect.
- system gets the IP via DHCP
- i can no longer login (testet with and without password)

and Port 1 doesnt get assigned to the bridge. Or at least it doesnt assign the IP to this port.

Any idea ?
 
User avatar
enggheisar
Trainer
Trainer
Posts: 20
Joined: Sun Mar 29, 2015 10:12 am
Location: Austin, TX
Contact:

Re: hEXr3, 6.44.2 bridge mode

Thu Apr 11, 2019 10:39 pm

Is winbox telling you wrong pass or Could not connect?
can you connect with Ether 2.
we can not answer you unless we know more about this situation
 
tesme33
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 65
Joined: Mon May 26, 2014 10:25 pm

Re: hEXr3, 6.44.2 bridge mode

Fri Apr 12, 2019 12:54 pm

After the change to Bridge (not touching the password at all) mode winbox can discover the hEX with the new IP adress. e.g. the adress will change from 192.68.88.1 to a local DHCP assigned IP.
Dependand which Ether i take (2-5) i see a different MAC but the same IP.
Then when i click connect the winbox times out.


Did this help.
 
tesme33
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 65
Joined: Mon May 26, 2014 10:25 pm

Re: hEXr3, 6.44.2 bridge mode

Sat Apr 13, 2019 1:01 pm

Hi
making a NMAP scan (in bridge mode) showed that there nothing listening. Just Ping works. Or the firewall settngs get wrongly assigned.

so i would say this is a bug.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10194
Joined: Mon Jun 08, 2015 12:09 pm

Re: hEXr3, 6.44.2 bridge mode

Sat Apr 13, 2019 1:52 pm

Make Winbox connect to the MAC address instead of IP address, so you can login again.
Then open terminal window and do a /export and check what went wrong and/or post it here.
 
tesme33
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 65
Joined: Mon May 26, 2014 10:25 pm

Re: hEXr3, 6.44.2 bridge mode

Sat Apr 13, 2019 2:34 pm

problem identified, manually fixed and ticket opened.

Mikrotik is adding a default rule that nobody outside of the LAN can access. But for the bridge this is not working. Disabling this rule made the hEX bridge accessable.
 
Samot
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Nov 25, 2017 10:01 pm

Re: hEXr3, 6.44.2 bridge mode

Sat Apr 13, 2019 3:25 pm

problem identified, manually fixed and ticket opened.

Mikrotik is adding a default rule that nobody outside of the LAN can access. But for the bridge this is not working. Disabling this rule made the hEX bridge accessable.
What default rule? A firewall rule? A route rule? Why type of rule? You're not explaining yourself clearly and this doesn't help anyone down the road that might have this issue. So what did you actually manually change to fix this? Because this is sounding a lot like a configuration issue.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10194
Joined: Mon Jun 08, 2015 12:09 pm

Re: hEXr3, 6.44.2 bridge mode

Sat Apr 13, 2019 6:16 pm

problem identified, manually fixed and ticket opened.

Mikrotik is adding a default rule that nobody outside of the LAN can access.
That is probably the right thing to do, unless you have lived under some stone for the last year!
Please show us what rule was added and why it is incorrect according to your view.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: hEXr3, 6.44.2 bridge mode

Sat Apr 13, 2019 9:49 pm

Don't mind the impatient others, they understand IT but not people :-)

The best thing you can do is place a copy of your config here and then instead of wild-assed guessing or playing whackamole we can see the information needed directly!

To get a copy of the config you simply go to the left hand menu 'new terminal' icon in winbox and type in
/export hide-sensitive file=yourconfig (any name you wish)
Then to go the left hand menu 'files' icon and you will see the file there saved.
Right click and download to your desktop.
I use notepad ++ to open up config files.

Then simply copy and paste into the thread here. The only thing you should do is ensure that your ISP WAN address and ISP gateway address are not being shown.
Check ISP client setting and perhaps IP route settings for that.

To make the code appear elegant use the text bar above where bold is and highlight the code and then apply the icon that is a black square with white square brackets inside it.
Gluck!
 
tesme33
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 65
Joined: Mon May 26, 2014 10:25 pm

Re: hEXr3, 6.44.2 bridge mode

Mon Apr 15, 2019 7:31 pm

Hi
after some researrch the problem seems to be on several areas.

1) With 6.44 the dhcp package is no longer optional and it seems that it cannot be fully disabled. At least on my side a pool (which i never configured) appeared and assigned strange IP numbers 0.0.0.x . --> so i switched back 6.43.
2) having RSTP on the bridge switched on seems to make issues. Symptom: you can login via winbox using the MAC address and work without issues. With the IP obviosuly doesnt work for DHCP as the bridge doesnt get an IP. If you configure a fixed IP the system gets under a huge load (CPU 100%) and you get dropped often. --> Switch of RSTP and fast forward on the bridge. see also here: viewtopic.php?t=133156&sid=47ab86e30191 ... 4ab6f9824b

So now the system seems to work..

Remark to this gentleman argueing that im living on a stone. Im not sure if you know my setup and the reason for it, but i doubt. And you even doesnt know what is the plan. So plese stay in your own circles and cry but dont annoy others.
 
olivier2831
Member Candidate
Member Candidate
Posts: 296
Joined: Fri Sep 08, 2017 6:53 pm

Re: hEXr3, 6.44.2 bridge mode

Tue Apr 16, 2019 2:46 pm

problem identified, manually fixed and ticket opened.

Mikrotik is adding a default rule that nobody outside of the LAN can access. But for the bridge this is not working. Disabling this rule made the hEX bridge accessable.
Hi,

I also can across this one as setting an hEX into bridge mode, in my testings, cuts all local IP connections.
I could still connect through Winbox but not with my browser anymore.
As I'm quite new in Mikrotik world, I didn't dare to open a ticket but now, I'm glad it's been done.

As many others, it seems, I would be very curious to get more details about this issue.
Has this behaviour been labelled as a "a feature" or "a bug" by Mikrotik support ?
 
Samot
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Nov 25, 2017 10:01 pm

Re: hEXr3, 6.44.2 bridge mode

Tue Apr 16, 2019 3:40 pm

Don't mind the impatient others, they understand IT but not people :-)
Well it's a good thing this is a networking forum and not a physiology forum and the need to understand IT is greater than the need to understand people.
1) With 6.44 the dhcp package is no longer optional and it seems that it cannot be fully disabled. At least on my side a pool (which i never configured) appeared and assigned strange IP numbers 0.0.0.x . --> so i switched back 6.43.
2) having RSTP on the bridge switched on seems to make issues. Symptom: you can login via winbox using the MAC address and work without issues. With the IP obviosuly doesnt work for DHCP as the bridge doesnt get an IP. If you configure a fixed IP the system gets under a huge load (CPU 100%) and you get dropped often. --> Switch of RSTP and fast forward on the bridge. see also here: viewtopic.php?t=133156&sid=47ab86e30191 ... 4ab6f9824b
Again, without see what you actually had in your config and what you actually fixed this doesn't mean anything. I have routers running right now, on 6.44.x, where the DHCP server is completely disabled because it's coming from another system on the network. I have numerous cAPs, wAPs and other devices that are in full bridge mode with the DHCP Client _on the Bridge_. I can also connect to them via Winbox over their IPs assigned to them over DHCP on the bridge and I don't see issues with the CPU spiking through the sky.
Remark to this gentleman argueing that im living on a stone. Im not sure if you know my setup and the reason for it, but i doubt. And you even doesnt know what is the plan. So plese stay in your own circles and cry but dont annoy others.
You're right, we don't know your setup, that is why we ASKED TO SEE IT and other questions. You failed to provide any real information and a solution that you think is an actual solution but it's not because the issue(s) you think you are having aren't real issues they are just configuration problems. So check your attitude.
 
tesme33
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 65
Joined: Mon May 26, 2014 10:25 pm

Re: hEXr3, 6.44.2 bridge mode [SOLVED]  [SOLVED]

Sun Apr 21, 2019 9:45 am

Hi
today i had some time to make some tests. Below you find what i did. Everybody can draw its own conclusion out of it. This is shared that others are aware.


---------------
All config was done via Winbox 3.18,
Naming conventions for the configs in the attached ZIP: <STEP>_hex_<version>_<mode>

step : comment

1: starting config: hexr3 with 6.44.13 bridge mode, router board FW 6.43.13
2: reset config via winbox menue, reboot: see hex 6.44.13 router, routerboard FW 6.43.13
3:install 6.44.2
4: routeboard upgrade tp 6.44.2
reboot

5: set hex to bridge via quickset menue in winbox , only check-box changed ; Configuration Mode: set to Bridge then press Apply

IP adress of Hex changed to local assigned IP from DHCP --> Clicking IP connect doesnt work, using hX MAC works.

changes seen (just have a look into the atteched config.) And compare it to the 6.43.13.

1) strange DHCP pool added
2) firewall config added
3) dhcp-server added
4) static DNS server added




6: Switchng back to 6.34.13-->
7: reset config and then set to bridge mode --> again strange config

somehow the system fell back to factory firmware 3.41 (routerboard) --> upgraded routerboard FW and made config reset

After all these test i can no longer confirm that this is an 6.44 issue. Might be a Winbox issue.
But what is definitly happening with the switch to the bridge mode.
1) DHCP range added to pool, DHCP server advertises 0.0.0.0 as default router
2) firewall config not adjusted to local needs
3) /ip dns static is not updated (still pointing to 192.168.88.1) or sometimes pointint to 0.0.0.0

now last try:
11: lets reset config and disable local dhcp server, delete local ip pool.
12: switch to bridge mode --> now at least the strange DHCP range doesnt get populated.
----------------
You do not have the required permissions to view the files attached to this post.
Last edited by tesme33 on Mon Apr 22, 2019 8:46 am, edited 3 times in total.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11433
Joined: Thu Mar 03, 2016 10:23 pm

Re: hEXr3, 6.44.2 bridge mode

Sun Apr 21, 2019 10:28 am

Can you test it again, this time using Webfig to do the config (as long as you're able to actually use it)? This would either definitely point at winbox or away from it.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10194
Joined: Mon Jun 08, 2015 12:09 pm

Re: hEXr3, 6.44.2 bridge mode

Sun Apr 21, 2019 10:53 am

Yes it looks like the "bridge" template is not really OK, probably almost nobody uses it and it receives little attention.
(normally people who want a 5-port bridge will buy a switch instead!)

DHCP server on bridge mode of course makes no sense, it should be deleted.
The firewall with WAN and LAN sides also makes no sense, so it should be changed.

Winbox is not involved in this, the creation of configs from templates is done entirely by the router itself.

When you want to use your hEX as a bridge I advise you to reset it without default configuration and create the bridge manually.
(just create a bridge and add all ports to it, add a DHCP client when you wish (no server), and when it is facing the internet create
some INPUT rules to limit access to the configuration)
 
tesme33
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 65
Joined: Mon May 26, 2014 10:25 pm

Re: hEXr3, 6.44.2 bridge mode

Sun Apr 21, 2019 11:51 am

Yes it looks like the "bridge" template is not really OK, probably almost nobody uses it and it receives little attention.
(normally people who want a 5-port bridge will buy a switch instead!)

DHCP server on bridge mode of course makes no sense, it should be deleted.
The firewall with WAN and LAN sides also makes no sense, so it should be changed.

Winbox is not involved in this, the creation of configs from templates is done entirely by the router itself.

When you want to use your hEX as a bridge I advise you to reset it without default configuration and create the bridge manually.
(just create a bridge and add all ports to it, add a DHCP client when you wish (no server), and when it is facing the internet create
some INPUT rules to limit access to the configuration)
Hi
i would also assume that hEX is normaly used as a router and yes you are right a switch would be normaly better , but i wanted to use the hEX as a VPN endpoint. Now the plan has changed and im going to use some CHR for this.

As mentioned this is to share my findings that others can save some time and Mikrotik can provide a fix in the future.

Have a nice easter weekend. Im now enjoing the sun in the Munich Alps.
 
Samot
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Nov 25, 2017 10:01 pm

Re: hEXr3, 6.44.2 bridge mode

Sun Apr 21, 2019 4:01 pm

All I see in that zip file is a bunch of configs that look incomplete. Did you actually try to see this stuff manually or just do this all through Quickset? What happens when you create the DHCP server on your own and assign IPs and the settings?

Again, I do this with hEX's and other routers quite a lot. This isn't a hEX issue, it's a user issue.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: hEXr3, 6.44.2 bridge mode

Sun Apr 21, 2019 4:47 pm

Agreed Samot, quickset is just a starting point its not meant for any special changes or specific setups. The hex works out of the box for a basic LAN and basic WAN.

For the OP, just use this....
https://www.youtube.com/watch?v=XKYmgtVs9kc
 
olivier2831
Member Candidate
Member Candidate
Posts: 296
Joined: Fri Sep 08, 2017 6:53 pm

Re: hEXr3, 6.44.2 bridge mode

Tue Apr 23, 2019 12:44 pm

Yes it looks like the "bridge" template is not really OK, probably almost nobody uses it and it receives little attention.
(normally people who want a 5-port bridge will buy a switch instead!)
hEX PoE has unique PoE passthrough capabilities (you can power it with PoE while it PoE-powers up to 4 devices !) that that renders it as a very attractive switch to power up AP, IP cameras or phones in places there AC power is missing.

6.44 hEX offers a bridge mode which, IMHO, is currently broken as the first consequence of applying it is kicking all connections out including local management.
This can be easily reproduced.

Fortunately, workarounds exist but a working bridge mode or no bridge mode at all, would be better, IMHO.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: hEXr3, 6.44.2 bridge mode

Tue Apr 23, 2019 4:30 pm

 
pe1chl
Forum Guru
Forum Guru
Posts: 10194
Joined: Mon Jun 08, 2015 12:09 pm

Re: hEXr3, 6.44.2 bridge mode

Tue Apr 23, 2019 5:06 pm

6.44 hEX offers a bridge mode which, IMHO, is currently broken as the first consequence of applying it is kicking all connections out including local management.
This can be easily reproduced.

Fortunately, workarounds exist but a working bridge mode or no bridge mode at all, would be better, IMHO.
I think you are confusing the "Quick Set" templates for configuration and the actual operation of the device.
The actual bridge mode works fine, however it appears the configuration template for bridge mode in Quick Set is currently broken.
(likely it was broken when security of the firewall was improved, and this particular setting was not tested)
 
tesme33
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 65
Joined: Mon May 26, 2014 10:25 pm

Re: hEXr3, 6.44.2 bridge mode

Tue Apr 23, 2019 6:54 pm

6.44 hEX offers a bridge mode which, IMHO, is currently broken as the first consequence of applying it is kicking all connections out including local management.
This can be easily reproduced.

Fortunately, workarounds exist but a working bridge mode or no bridge mode at all, would be better, IMHO.
I think you are confusing the "Quick Set" templates for configuration and the actual operation of the device.
The actual bridge mode works fine, however it appears the configuration template for bridge mode in Quick Set is currently broken.
(likely it was broken when security of the firewall was improved, and this particular setting was not tested)
Hi pe1chl
the question is now is this worth opening a ticket or hope that somebody from mikrotik realizes the issue and corrects it ?
As i now know how to make a workaround i can life with it.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: hEXr3, 6.44.2 bridge mode

Tue Apr 23, 2019 7:23 pm

I would remove it as functionality in quickset altogether........
 
pe1chl
Forum Guru
Forum Guru
Posts: 10194
Joined: Mon Jun 08, 2015 12:09 pm

Re: hEXr3, 6.44.2 bridge mode

Tue Apr 23, 2019 8:41 pm

the question is now is this worth opening a ticket or hope that somebody from mikrotik realizes the issue and corrects it ?
As i now know how to make a workaround i can life with it.
You can always try it... be sure to describe your problem clearly (I think you already did that) and/or refer to this topic.
Don't expect it to be fixed in the next release, but it could be fixed later and help others.
 
GeorgeAA
just joined
Posts: 2
Joined: Sat Apr 27, 2019 5:54 pm

Re: hEXr3, 6.44.2 bridge mode

Sun Apr 28, 2019 4:34 am

Hi
This issue was reported with other devices as well. After configuring a RouterOS device with a "WISP AP" setting with "Quick Set" and setting it to "bridge" mode, the web configuration interface (WebFig) becomes inaccessible. I am myself experienced it on a hAp ac^2 with RouterOS v6.43.10.

It looks like the "Quick Set" WISP AP (and probably the Home AP as well) template is broken for bridge mode configurations.
One possible workaround is the disabling of the firewall rule #4 ("drop all not coming from LAN") as it was pointed out by tesme33.
Another possible fix is adding the "bridge interface" to the "LAN list". I believe this approach fixes the root cause of this bug, while leaves the firewall rules intact.
(Interfaces->Interface List tab->Add New: List=LAN, Interface=bridge, Enabled=True ->OK )

Personally I would also disable the DHCP and DNS servers set up by Quick Set too, as they are not needed for a switch (bridge mode) and configure ether1 as a LAN port rather then wasting it by assigning it to WAN. Probably it would be for the best to create the whole bridge configuration from scratch, but I am new to MikroTik and I am unsure if my set of settings would be complete.
Cheers!
 
olivier2831
Member Candidate
Member Candidate
Posts: 296
Joined: Fri Sep 08, 2017 6:53 pm

Re: hEXr3, 6.44.2 bridge mode

Mon Apr 29, 2019 2:21 pm

This issue was reported with other devices as well.
Has this issue been acknowledged as such (ie as being an issue) or do Mikrotik evaluates this as a feature that should be kept ?

Current deafening silence on this topic is a bit worrying as QuickFig is the first tool that newcomers as myself, do use.
Kicking them out of Web admin as soon as they select Bridge mode is IMHO, rough.
 
Samot
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Nov 25, 2017 10:01 pm

Re: hEXr3, 6.44.2 bridge mode

Mon Apr 29, 2019 3:18 pm

What issue are you referring to? I setup a bunch of cAP ACs two weeks ago all in Bridge mode with the WISP AP as the quickset. Did you actually program the proper information in the route before hitting apply? Outside of some poor configurations that were posted, we haven't seen much else of these "failed" configs. So lets get to posting them because this isn't a really hard thing to do and this is probably more user error than anything else.
 
netuser01
just joined
Posts: 1
Joined: Sat Apr 11, 2020 5:10 pm

Re: hEXr3, 6.44.2 bridge mode

Sat Apr 11, 2020 5:52 pm

Everyone who is not living in the MikroTik universe and tries a first evaluation will probably run into this.
I will try to collect this, because the information is spread over some postings. The issue is reproduceble, if you try to configure a hEX S device in Bridge Mode using the Web-Interface - not WinBox!
  • Reset hEX S
  • Open the hEX S webinterface with your browser
  • Quickset
  • Click "Bridge"
  • Give the device a static IP of your choice and add gateway and DNS
  • Apply
Now it is not possible to access the webinterface on the given IP.
Problem 1:
  • The firewall rule "drop all not coming from LAN" renders the webinterface useless.
Problem 2:
  • The DHCP server is not disabled
Actually the documentation "Quick Guide" chapter "First use" should cover the both Quickset scenarios "Router" and "Bridge". Currently only "Router" mode is covered. Selecting "Bridge" leaves the user on it's own and even worse the implementation of the mode behaves not as expected.
Additionally the "Quick Guide" documentation should really mention the WinBox tool as the preferred way of configuring the device.
 
torgr2019
newbie
Posts: 27
Joined: Wed Mar 10, 2021 8:59 pm

Re: hEXr3, 6.44.2 bridge mode

Mon Mar 15, 2021 9:43 pm

Still the problem persists in my hAP ac2.
Bought it new, starting the setup via the web browser and i selected the bridge mode as i was intended to use it as an AP behind my router.
And voila... lost all web interface.
Access it through Winbox (mac address).
All the ether ports in one bridge.
DHCP server deleted.
Firewall rules disabled (all).
NAT disabled.
Tried to assign a static ip in addresses but failed.
Still no IP address to access the device, only locally through Winbox.
This is unacceptable for a AP for home use. Should we have advanced networking knowledge to setup an AP?
@ Mikrotik: Either fix these simple problems or stop selling products for home use. Just remind to all of us that we need advances networking knowledge to setup a Mikrotik AP.
 
nescafe2002
Forum Veteran
Forum Veteran
Posts: 897
Joined: Tue Aug 11, 2015 12:46 pm
Location: Netherlands

Re: hEXr3, 6.44.2 bridge mode

Tue Mar 16, 2021 10:36 am

Tried to assign a static ip in addresses but failed.

Failed how? You couldn't open the IP Address menu? Couldn't access the console? Setting was not saved? Did you get an error message?

If your device doesn't work properly, create a supout.rif and send it to support with problem description + steps to reproduce.

(Also; the loss of connectivity is the be expected, while most other vendors redirect you to a generic "Device is rebooting" page (go get some coffee) MT applies the change instantly and without any warning)

Who is online

Users browsing this forum: Amazon [Bot], gigabyte091 and 40 guests