Community discussions

 
samoore
just joined
Topic Author
Posts: 11
Joined: Wed Aug 28, 2019 7:09 am

Another Boater looking to use groove metal and HAP AC with WAN on Ether5

Wed Sep 11, 2019 9:40 pm

Hi,
I've just setup my new metal 52 AP and HAP AC router on my boat/home.
My goal is marina internet.
I've tried several things to get the WAN set to ether5 where I have POE.
Each time I've had issues.
Bottom line is I'd like to understand how to set the router up to make ether1 a bridged port and ether5 the WAN port.
At sometime I'll get an LTE AP and I'll want both. I'm not there yet.
I saw some info on doing that but I need all the ether ports I can get for my internal wired network.
I saw some posts from W32pamela. They were promising. When I tried that config, I had to reset the groove.
Seems like I should put the groove in the most basic setup - right now it's CPE.
I would think all the work should go into the router side.
There are so many freaking options. I think I will really like this setup once I get more comfortable with it.
I've been using a bullet and cisco router.
Thanks!
Sam
 
Paternot
Long time Member
Long time Member
Posts: 597
Joined: Thu Jun 02, 2016 4:01 am
Location: Niterói / Brazil

Re: Another Boater looking to use groove metal and HAP AC with WAN on Ether5

Wed Sep 11, 2019 10:42 pm

bridge -> ports

Remove port 5 from "bridge"
Add port 1 to "bridge"

Done.
 
User avatar
w32pamela
Member Candidate
Member Candidate
Posts: 118
Joined: Fri Jul 12, 2013 4:22 pm

Re: Another Boater looking to use groove metal and HAP AC with WAN on Ether5

Thu Sep 12, 2019 6:07 pm

Have you considered simply resetting the hAP with no defaults (System->Reset Configuration & check No Default Configuration) then creating a Bridge and adding "all" ports to the Bridge. Set up your wireless on the hAP (mode=AP-bridge). Plug the Metal into port 5; no need to worry with making it a Wan port. If you set the Metal up as a Nat/router it will be the DHCP server for any wired or wireless devices attached to your hAP.

Use Winbox to control your network. Don't use the Quick Set page in hAP.
 
Amm0
Frequent Visitor
Frequent Visitor
Posts: 66
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: Another Boater looking to use groove metal and HAP AC with WAN on Ether5

Thu Sep 12, 2019 7:45 pm

w32pamela is right: if you mess with the Bridge > Ports in winbox, you can get your setup working pretty quick.

I'm guessing our boater friend is using the hAP as a "HomeAP" (for Wi-Fi/hardlines his boat) with the Groove as a CPE to some Wi-Fi network at the dock. Also guessing he might want to change the Wi-Fi network the Groove uses if sails into a new port. My only different advice is to embrace Quick Set...it has pretty simple UI to configuration and switch the Wi-Fi network/password that your connecting to or creating. Just thinking Quick Set with the HomeAP on the hAP and the CPE on the Groove, be a better start than a blank configuration for a newbie. Might want avoid Quick Set on hAP after configuration, but I think Quick Set on the groove to switch Wi-Fi for a new port, be easier than finding a laptop with winbox on a boat ;).

The only issue is that most defaults use ether1 as the WAN interface, but since Groove needs 24V PoE, the WAN needs to be ether5 since that's the only PoE out port. But that's an easy change... start with "HomeAP" default configuration on hAP, then just make a couple adjustments in winbox or webfig on the hAP ac and you have ether5 being the WAN port:
  • under Bridge > Ports, change ether5 to ether1
  • under Interfaces > Interface Lists, there should be a entry that maps WAN to ether1, change that to ether5 – this will cause the default firewall rules to NAT out to ether5, instead of ether1.
    also:
  • change the IP > DHCP Client to use ether5, instead of ether1.

Assuming the Groove is already working to pull in internet, that should be it.

Good luck.
Last edited by Amm0 on Wed Sep 18, 2019 7:33 am, edited 1 time in total.
 
samoore
just joined
Topic Author
Posts: 11
Joined: Wed Aug 28, 2019 7:09 am

Re: Another Boater looking to use groove metal and HAP AC with WAN on Ether5

Fri Sep 13, 2019 1:34 am

Hi All,
Thanks for the quick replies.
I would really like to use we web config tool as I'm on a mac and would prefer not to have to install vines then winbox to config the router/ap.

I have the AP set at CPE and the HAP set as Home Dual AP.

I did install the Mikrotek tool/app on my iPad. I could easily make the change there.

Cheers,
Sam
 
Amm0
Frequent Visitor
Frequent Visitor
Posts: 66
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: Another Boater looking to use groove metal and HAP AC with WAN on Ether5

Fri Sep 13, 2019 5:46 am

@samoore,

Those defaults sound like a good base to me. Think if you make the 2 changes on the hAP you'd be set to use ether5 for PoE.

As you note, Mikrotik give you a lot of options. But the UIs all offer roughly the same options, so use what make sense. The mobile app work, and also does offer all the settings...but their "setup wizards" and summary work fine but kinda limited compared with the web configuration. For a Mac, there is a pre-package of winbox.exe with all the wine stuff built into Mac applications:
http://joshaven.com/resources/tools/winbox-for-mac/ – while you hopefully don't need it, but only way you can use MAC addresses (instead of an IP) to connect to the Mikrotik, which is pretty handy if the config gets FOBAR and you don't want to reset it to defaults.


I helped a friend of my setup something similar for his RV - he's less technical so winbox was out of the question... since his only on-going configuration need was to switch the Wi-Fi used by the Groove that pulls in whatever Wi-Fi is available. Found the "Quick Set" screen of the web interface on the Groove was pretty handy for him since he just had to pick a Wi-Fi network and put in a password.

If you want more help, you'll get more valuable advice if you post the configurations in the forum. In any of the UIs, you can get to the "Terminal" feature of any of those UIs, then type:
export hide-sensitive file=pick-a-filename.txt
then go to "Files" in any of the Mikrotik UI's and download the file created then cut-and-paste into a forum posting.
 
samoore
just joined
Topic Author
Posts: 11
Joined: Wed Aug 28, 2019 7:09 am

Re: Another Boater looking to use groove metal and HAP AC with WAN on Ether5

Tue Sep 17, 2019 11:32 pm

Hi Ammo,
Thanks for the info.
I'm still not where I want to be.
I can get the system up and working by putting the POE on ether1 and connecting it to the AP.
I left my AP alone as it was working.
So now Ive made the switch - ether5 is hooked to the AP. IP on AP was left at default.

I reset my router to defaults.
I went to quickset / home AP dual
I set the IP range where I wanted it 192.168.1.0/24 and set the dhcp range.
I set the wifi names and pw to what I wanted.
I then made the changes you suggested in webfig.
Change the bridge port to ether5 from ether1.
Change the wan interface from ether1 to ether5

Now I can't get to the AP to manage it via the ip address. ether5 is now going to the AP.
Ether1 is now physically connected to a switch I have.
I can see the two wifi networks.
I can login to the router via IP and browser over wifi or wired.

Now when I go back to quickset - it shows that WISP AP is active - not Home AP Dual
config shows it is set up as a bridge.

Any help would be appreciated.
Thanks!

Here is the rsc output.
# jan/02/1970 00:17:16 by RouterOS 6.42.12
# software id = SPUS-2Z6W
#
# model = RouterBOARD 962UiGS-5HacT2HnT
# serial number = B86809ECF006
/interface bridge
add admin-mac=B8:69:F4:F9:15:09 auto-mac=no comment=defconf name=bridge
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \
disabled=no distance=indoors frequency=auto mode=ap-bridge ssid=Muse10 \
wireless-protocol=802.11
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=\
20/40/80mhz-Ceee disabled=no distance=indoors frequency=auto mode=\
ap-bridge ssid=Muse10-5 wireless-protocol=802.11
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=\
dynamic-keys supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp ranges=192.168.1.10-192.168.1.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name=defconf
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether1
add bridge=bridge comment=defconf interface=sfp1
add bridge=bridge comment=defconf interface=wlan1
add bridge=bridge comment=defconf interface=wlan2
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether5 list=WAN
/ip address
add address=192.168.1.1/24 comment=defconf interface=ether2 network=\
192.168.1.0
/ip dhcp-client
# DHCP client can not run on slave interface!
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
ether1
/ip dhcp-server network
add address=192.168.1.0/24 comment=defconf gateway=192.168.1.1 netmask=24
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.1.1 name=router.lan
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
 
Amm0
Frequent Visitor
Frequent Visitor
Posts: 66
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: Another Boater looking to use groove metal and HAP AC with WAN on Ether5

Wed Sep 18, 2019 12:14 am

DHCP Client also needs to change to use ether5.

Also, you can use QuickSet only once on router...after that it will be confused by using ether5...

I’d plug in the groove directly to a PC, and tweak it until your getting what you want on your PC. If you then plug in to router on ether5 (with DHCP client listening), should do same as PC test but over your WiFi.
 
samoore
just joined
Topic Author
Posts: 11
Joined: Wed Aug 28, 2019 7:09 am

Re: Another Boater looking to use groove metal and HAP AC with WAN on Ether5

Wed Sep 18, 2019 6:29 am

Hi Amm0,

Thanks for the last note.
That did it.
I am functional now.
POE working on ether5
I can get to both the hap and ap

One last question.
You said quickset is only for a one time use.
I've been using it to point the WiFi marina signal ove and over.
I just use the connect button and don't "apply configuration".

Next is to figure out how to store SSID's and passwords for future use.

Thanks a-million.

Sam
 
Amm0
Frequent Visitor
Frequent Visitor
Posts: 66
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: Another Boater looking to use groove metal and HAP AC with WAN on Ether5

Wed Sep 18, 2019 7:25 am

You said quickset is only for a one time use.
I've been using it to point the WiFi marina signal ove and over.
Awesome!

To clarify...
Groove = QuickSet okay to use again – that's what you want, QuickSet web GUI does a pretty good job of letting you select a Wi-Fi network to use, and the web interface run
on a phone/tablet.
hAP = don't change what's working...

Details...
The "hoisted" Groove that "reels in" public Wi-Fi, QuickSet is what you want to use! Since you didn't change the configuration outside QuickSet you can run it over and over, no problem. But, on that hAP "below deck", once you changed the WAN port from ether1 to ether5, as you noticed, QuickSet detected it as a different profile than you used initially. So if you do "apply" on the hAP, it might cause problems if things were working before – thus the warning.

Who is online

Users browsing this forum: No registered users and 20 guests