Community discussions

MikroTik App
  4. RouterOS
  5. General

Adding DHCP Servers on Ports with Internet Access  [SOLVED]

Post Reply
 
riaanpre
just joined
Topic Author
Posts: 6
Joined: Wed Apr 05, 2017 3:38 pm
Location: South Africa

Adding DHCP Servers on Ports with Internet Access

Thu Sep 20, 2018 1:14 pm

I must be missing something. I did this a while ago and it worked, but not sure if i left a step out.
I am trying to setup a little play lab so i can play around with the MT router extra ports.
I am trying to add extra DHCP servers on port 7 and 10 and i have removed them from the bridge.

The problem is that it is issuing IP's it can not access the internet or even ping anything.

This is the intention
Image

And this is my script to setup my play lab
Code: Select all
/ip address
add interface=ether10 address=192.168.89.1/24
add interface=ether7 address=192.168.90.1/24

/ip pool
add name=poolether10 ranges=192.168.89.10-192.168.89.254
add name=poolether7 ranges=192.168.90.10-192.168.90.254

/ip dhcp-server
add disabled=no authoritative=yes bootp-support=none name=dhcpether10 interface=ether10 address-pool=poolether10
add disabled=no authoritative=yes bootp-support=none name=dhcpether7 interface=ether7 address-pool=poolether7

/ip dhcp-server network
add address=192.168.89.0/24 gateway=192.168.89.1
add address=192.168.99.0/24 gateway=192.168.99.1

/ip firewall connection tracking
set enabled=yes

/ip firewall filter
add chain=forward action=accept connection-state=established
add chain=forward action=accept connection-state=related
add chain=forward action=drop connection-state=invalid
add chain=forward action=drop out-interface=!WAN src-address=192.168.89.0/24 comment="Prevent inter-subnet communication"
add chain=forward action=drop out-interface=!WAN src-address=192.168.90.0/24 comment="Prevent inter-subnet communication"

/ip firewall nat
add chain=srcnat action=masquerade out-interface=WAN
and this is my current router setup (it is a blank basic setup router) the router does have internet access.
Here is my export.
Code: Select all
# sep/20/2018 12:13:33 by RouterOS 6.43.1
# software id = VIY5-WIQN
#
# model = 2011UiAS-2HnD
# serial number = 7A6708626CDD
/interface bridge
add admin-mac=CC:2D:E0:2F:85:C3 auto-mac=no comment=defconf name=bridgeLocal
/interface wireless
# managed by CAPsMAN
set [ find default-name=wlan1 ] ssid=MikroTik
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.88.20-192.168.88.200
add name=poolether10 ranges=192.168.89.10-192.168.89.254
add name=poolether7 ranges=192.168.90.10-192.168.90.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridgeLocal name=dhcp1
add address-pool=poolether10 disabled=no interface=ether10 name=dhcpether10
add address-pool=poolether7 disabled=no interface=ether7 name=dhcpether7
/interface bridge port
add bridge=bridgeLocal comment=defconf interface=ether1
add bridge=bridgeLocal comment=defconf interface=ether2
add bridge=bridgeLocal comment=defconf interface=ether3
add bridge=bridgeLocal comment=defconf interface=ether4
add bridge=bridgeLocal comment=defconf interface=ether5
add bridge=bridgeLocal comment=defconf interface=ether6
add bridge=bridgeLocal comment=defconf interface=ether8
add bridge=bridgeLocal comment=defconf interface=ether9
add bridge=bridgeLocal comment=defconf interface=sfp1
/ip firewall connection tracking
set enabled=yes
/interface list member
add interface=wlan1 list=WAN
add interface=bridgeLocal list=LAN
/interface wireless cap
# 
set bridge=bridgeLocal discovery-interfaces=bridgeLocal enabled=yes interfaces=wlan1
/ip address
add address=192.168.88.1/24 interface=ether1 network=192.168.88.0
add address=192.168.89.1/24 interface=ether10 network=192.168.89.0
add address=192.168.90.1/24 interface=ether7 network=192.168.90.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=bridgeLocal
add dhcp-options=hostname,clientid disabled=no interface=wlan1
/ip dhcp-server network
add address=192.168.88.0/24 gateway=192.168.88.1 netmask=24
add address=192.168.89.0/24 dns-server=1.1.1.1,1.0.0.1 domain=DOM89 gateway=192.168.89.1
add address=192.168.99.0/24 dns-server=1.1.1.1,1.0.0.1 domain=DOM99 gateway=192.168.99.1
/ip firewall filter
add action=accept chain=forward connection-state=established
add action=accept chain=forward connection-state=related
add action=drop chain=forward connection-state=invalid disabled=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
add action=masquerade chain=srcnat comment=ether5 out-interface=ether7
/system clock
set time-zone-name=Africa/Johannesburg
/system routerboard settings
set silent-boot=no
Top
 
User avatar
Anumrak
Forum Guru
Forum Guru
Posts: 1174
Joined: Fri Jul 28, 2017 2:53 pm

Re: Adding DHCP Servers on Ports with Internet Access

Thu Sep 20, 2018 2:59 pm

Why you masquerading traffic via wlan1?
Top
 
riaanpre
just joined
Topic Author
Posts: 6
Joined: Wed Apr 05, 2017 3:38 pm
Location: South Africa

Re: Adding DHCP Servers on Ports with Internet Access

Thu Sep 20, 2018 3:13 pm

Why you masquerading traffic via wlan1?
You have a point, did not see that. Also very strange since this is a "blank" router setup as in i reset it to factory defaults removed 2 ports from the bridge and then proceeded to add 2 more DHCP servers.
Top
 
riaanpre
just joined
Topic Author
Posts: 6
Joined: Wed Apr 05, 2017 3:38 pm
Location: South Africa

Re: Adding DHCP Servers on Ports with Internet Access  [SOLVED]

Thu Sep 20, 2018 4:27 pm

Sorted, beyond the fact that there was a weird masquerade rule for the wireless. i forgot to add the routes :)
Top
Post Reply

Who is online

Users browsing this forum: anav, jamesperks, MrDeepFreeze, PLJ020 and 95 guests
  4. RouterOS
  5. General