Community discussions

MikroTik App
  4. RouterOS
  5. General

hAP ac² as switch + ap

Post Reply
 
obi
just joined
Topic Author
Posts: 6
Joined: Thu Jun 06, 2019 4:01 pm

hAP ac² as switch + ap

Thu Jun 06, 2019 4:35 pm

I am planning to buy the hAP ac² and was wondering if this set up is possible.

My current setup is a linux server running all needed network services with two ethernet ports (eth0, eth1) and a n/g wifi card running in ap mode (wifi0). Currently wifi0 and eth1 are bridged to br0. Eth0 is connected to a bridged modem with a static IP and is providing everyone connection to br0 with all needed for accessing the network and internet.

I would like to upgrade my old wifi to 5ghz and have some trouble finding a network card that can use any available port on my server and also has drivers with ap support. So I was thinking to get the hAP ac² and remove the old card. The new configuration would loose the wifi0 interface, eth0 would still be connected to the modem and eth1 would connect to the hAP.

I would like to know is it possible to configure hAP in a way that it works as a switch and ap, and that still enables my server to take care of everything (ip assignment, firewalling, internet,...) no matter if something is connected to hAP via ethernet or wifi?
Top
 
User avatar
grusu
Member Candidate
Member Candidate
Posts: 129
Joined: Tue Aug 13, 2013 7:35 am
Location: Bucharest, Romania

Re: hAP ac² as switch + ap

Thu Jun 06, 2019 4:55 pm

Hi,

You can configure a bridge to put the eth0 - eth4 and wlan (2.4 and 5 GHz - physical or virtual) ports. Wlans must be configured in "ap bridge" mode.

Best regards,
Geo
Top
 
obi
just joined
Topic Author
Posts: 6
Joined: Thu Jun 06, 2019 4:01 pm

Re: hAP ac² as switch + ap

Thu Jun 06, 2019 5:49 pm

So there is no hidden NAT on the wlan where in the end every device is presented under the same ip to my server like I've read is the problem with some routers?
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19371
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: hAP ac² as switch + ap

Thu Jun 06, 2019 6:22 pm

You would probably create a bridge setup on the hapac and define your etherent interfaces and any vlans if any.
No need to create new subnets or anything else.
A diagram of what you are thinking would help that would show what subnets you wish to have and how they are distributed
Top
 
nostromog
Member Candidate
Member Candidate
Posts: 226
Joined: Wed Jul 18, 2018 3:39 pm

Re: hAP ac² as switch + ap

Thu Jun 06, 2019 6:45 pm

EDIT: I think I was wrong, WISP AP is for a station connection on 5GHz band, use instead Home AP Dual.
So there is no hidden NAT on the wlan where in the end every device is presented under the same ip to my server like I've read is the problem with some routers?
I think that if you upgrade it, select "Home AP Dual" in "quickset" and then
  • set up wifi parameters
  • select static ip address or dynamic, as desired
  • untick "Firewall router"
  • untick "DHCP server"
  • untick "NAT"
  • apply configuration
you should end up with what you are looking for, or something that you can customize later easily. You might need to add
ether1 to the bridge, I'm not sure how the default configuration deals with non-DHCP, non-NAT configs and I have no spare
h AP ac^2 to try it.

After that you could use "/ export" in a terminal to check what configuration remains, and work from there...
Top
 
obi
just joined
Topic Author
Posts: 6
Joined: Thu Jun 06, 2019 4:01 pm

Re: hAP ac² as switch + ap

Thu Jun 06, 2019 7:09 pm

A diagram of what you are thinking would help that would show what subnets you wish to have and how they are distributed
Image
I have only one subnet 192.168.0.1/27 and I would like to keep the same configuration (if you remove the hAP, the diagram shows my current configuration), only that instead of my server the hAP would provide wlan. The server acts as a gateway, firewall, dhcp and dns server and gives out all the ip addresses.

[*] select static ip address or dynamic, as desired
It seems like what I want, I'm just not sure if the address you mention here is just to access hAPs configuration or will all wifi clients use this IP to talk with the rest of the network? I want my server to assign each ip.
Top
 
nostromog
Member Candidate
Member Candidate
Posts: 226
Joined: Wed Jul 18, 2018 3:39 pm

Re: hAP ac² as switch + ap

Thu Jun 06, 2019 7:22 pm

[*] select static ip address or dynamic, as desired
It seems like what I want, I'm just not sure if the address you mention here is just to access hAPs configuration or will all wifi clients use this IP to talk with the rest of the network? I want my server to assign each ip.
Mikrotik routers are quite flexible. Typically default configurations have a firewalled ether1 as upstream, and a bridge with the rest of the interfaces (wired and wireless) NATted to the IP address in this upstream interface.

You can use (once!) a web tool called "Quickset" to quickly customize and redeploy a default configuration. Or you can work it out it by hand.

If you select a "Home AP Dual" one you get most of what you want. By default, with NAT, DHCP server and firewall ticked, it would be your standard router. If you untick those, I would expect at least that no dhcp-server configuration and no firewall/NAT will be configured.

Possibly there will still be ether1 separate from the bridge, and maybe some ip routes... Never tried that one

If this is the case, you can add ether1 as a port into the bridge (switch) and remove the routes involving ether1...

I'm quite sure that what you want is doable, just that I'm not sure if you will have to tweak the output of this default configuration, but I'm sure you will know how to if you are setting up linux as a router/firewall
Top
 
obi
just joined
Topic Author
Posts: 6
Joined: Thu Jun 06, 2019 4:01 pm

Re: hAP ac² as switch + ap

Thu Jun 06, 2019 7:28 pm

Thanks a lot for all the help and information. I just needed to know that it's possible but you've given me plenty more than just that info. As long as it's doable I'm sure I can make it work (eventually). I'm going to go ahead and place my order.
Top
 
User avatar
macsrwe
Forum Guru
Forum Guru
Posts: 1007
Joined: Mon Apr 02, 2007 5:43 am
Location: Arizona, USA
Contact:
Contact macsrwe

Re: hAP ac² as switch + ap

Thu Jun 13, 2019 3:54 am

Thanks a lot for all the help and information. I just needed to know that it's possible but you've given me plenty more than just that info. As long as it's doable I'm sure I can make it work (eventually). I'm going to go ahead and place my order.
I can guarantee you right off the bat that it's doable and that it works fine. I have one in my home configured exactly this way. My WISP company routinely configured every indoor customer WiFi AP this way, including the various models of hAPs, mAPs, cAPs, and SOHO routers.
Top
 
User avatar
vecernik87
Forum Veteran
Forum Veteran
Posts: 882
Joined: Fri Nov 10, 2017 8:19 am

Re: hAP ac² as switch + ap

Fri Jun 14, 2019 5:50 am

Thanks a lot for all the help and information. I just needed to know that it's possible but you've given me plenty more than just that info. As long as it's doable I'm sure I can make it work (eventually). I'm going to go ahead and place my order.
Absolutely doable. I use this very often. I actually use hAP ac^2 exclusively for all purposes (router, switch+AP, TAP) due to its universal nature and very low price. It simplifies inventory management a lot!
Unfortunately, as you figured out, quickset is not really good for this. I actually covered that earlier.

I would say easiest way to achieve this would be reset config with no defaults and load short'n'simple Switch+DualAP config:
Code: Select all
# Switch+DualAP config v1
# model = RouterBOARD D52G-5HacD2HnD-TC
#
# USAGE:
# modify values as needed and save as "init.rsc"
# upload file to your router into "flash" directory 
# in command line run  /system reset-configuration no-defaults=yes keep-users=yes run-after-reset=flash/init.rsc
{
# !IMPORTANT! modify following values:
	local wifiname "yourWifiName"
	local wifipass "yourWifiPassword"

# You can modify following config if you know what you are doing:

#wait a while, hopefully all interfaces will be initialized by then
	:delay 10

#create bridge, add ports and let it acquire IP from DHCP
	/interface bridge add name=bridge1

	:foreach k in=[/interface find where !(slave=yes || name~"bridge")] do={
		/interface bridge port add bridge=bridge1 interface=[/interface get $k name];
	}

	/ip dhcp-client
		add interface=bridge1 disabled=no

#set up wifi
	/interface wireless security-profiles 
		set [ find default=yes ] authentication-types=wpa2-psk disable-pmkid=yes eap-methods="" mode=dynamic-keys wpa2-pre-shared-key=$wifipass
	/interface wireless
		set [ find ] mode=ap-bridge disabled=no ssid=$wifiname wps-mode=disabled frequency=auto
		set [ find default-name=wlan1 ] band=2ghz-b/g channel-width=20mhz
		set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=20/40/80mhz-Ceee

# this prevents any routing (L3 forwarding) in case if you set up multiple IP addresses later
	/ip settings 
		set ip-forward=no  

}
Please, keep in mind that I intentionally didn't include any firewall/security measures. That would bloat the script and there is no one universal approach - everyone has their own way.
Important - make sure you are using secure password. Even if its just your network, you shouldn't have unsecured device on it.
Top
Post Reply

Who is online

Users browsing this forum: Bing [Bot], mbovenka and 185 guests
  4. RouterOS
  5. General