Community discussions

MikroTik App
 
Alright71
just joined
Topic Author
Posts: 13
Joined: Mon Mar 03, 2014 2:32 pm

wAP AC Configuration

Mon Apr 19, 2021 10:56 am

I am working on configuring a wAP AC kit and I am unable to reach the internet, through lte1, from connected devices. From the wAP it's self, i am able to, no problem, but from anything connected...nothing. Any help you can provide in locating my configuration issue would be much appreicated. Thank you in advance.

/export
# apr/19/2021 09:42:01 by RouterOS 6.47.9
# software id = 63IN-0Y62
#
# model = RBwAPGR-5HacD2HnD
# serial number = DE810C39CBFB
/interface bridge
add admin-mac=48:8F:5A:F7:1F:2E auto-mac=no comment=defconf name=bridge
/interface lte
set [ find ] allow-roaming=yes band=1,3,7,20,8,2,38,40,41,39,5,12,17 name=lte1
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX \
disabled=no distance=indoors frequency=auto installation=outdoor mode=\
ap-bridge ssid=MikroTik-F71F30 station-roaming=enabled wireless-protocol=\
802.11
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=20/40/80mhz-XXXX \
disabled=no distance=indoors frequency=auto installation=outdoor mode=\
ap-bridge ssid=MikroTik-F71F31 station-roaming=enabled wireless-protocol=\
802.11
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface lte apn
add apn=mango4g.mango name=63517
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=default-dhcp disabled=no interface=bridge name=defconf
/user group
set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,passw\
ord,web,sniff,sensitive,api,romon,dude,tikapp"
/interface bridge port
add bridge=bridge comment=defconf interface=ether1
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=wlan1
add bridge=bridge comment=defconf interface=wlan2
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface detect-internet
set detect-interface-list=all
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=lte1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
192.168.88.0
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf dns-server=8.8.8.8 gateway=\
172.3.168.131
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
"defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=\
invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" \
connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=\
out,none out-interface-list=WAN
/system clock
set time-zone-name=Africa/Kigali
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
 
mfrey
newbie
Posts: 36
Joined: Wed Jan 06, 2021 12:31 am

Re: wAP AC Configuration

Mon Apr 19, 2021 12:32 pm

One issue for sure is the gateway IP that you distribute via DHCP. It lies outside of the DHCP subnet and should be the IP of your wAP AC.
 
Alright71
just joined
Topic Author
Posts: 13
Joined: Mon Mar 03, 2014 2:32 pm

Re: wAP AC Configuration

Mon Apr 19, 2021 1:01 pm

Well crap!

That fixed it. I knew it was something simple. I really appreciate your help!

Blake
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19117
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: wAP AC Configuration

Mon Apr 19, 2021 3:01 pm

Also recommend setting this to none or deleting it as its purpose is not well understood and has known to cause issues in configs.
/interface detect-internet
set detect-interface-list=all

Who is online

Users browsing this forum: GoogleOther [Bot], VinceKalloe and 41 guests