Community discussions

MikroTik App
 
hugojammal
just joined
Topic Author
Posts: 9
Joined: Thu Jun 05, 2014 1:35 am

PING in 2 networks

Mon Jun 09, 2014 2:38 am

I'm trying to configurate one routerboard RB2011UiAS to be used as a hotspot for clients and an administrative.


I configurated interfaces ether2, ether3, ether4 and ether5, in one bridge named hotspot_HU


I've created one DHCP Server to distribute IPs 20.0.0.0/16 for bridge hotspot_HU

The interfaces ether6, ether7, ether8, ether9 and ether10, I've configurate another bridge named ADM

And one DHCP Server to distribute IP na faixa 192.168.1.0/24 for bridge ADM

I fixed my computer IP 192.168.1.2, and i need to configurate the mikrotik to allow my computer (IP 192....) to ping and acess all Acess Point used to distributed internet through hotspot_HU (IP 20...)


I tried to use Static Routes, but didn't work.

Please help
 
CelticComms
Forum Guru
Forum Guru
Posts: 1766
Joined: Wed May 02, 2012 5:48 am

Re: PING in 2 networks

Mon Jun 09, 2014 2:20 pm

Post our put from /export compact.
Interlynx | Networking and Information Security Consultants & Trainers | Email: routerlynx@gmail.com
BGP | EIGRP | OSPF | MPLS | Firewall | VPN | IPsec | Multicast | QOS | IPv4/6 | STP | VLAN | PON | AE | M2M | and more!

 
hugojammal
just joined
Topic Author
Posts: 9
Joined: Thu Jun 05, 2014 1:35 am

Re: PING in 2 networks

Tue Jun 10, 2014 1:14 am

[hspot@AMBIENTE_TESTE] > /export compact
# jan/01/1970 21:13:46 by RouterOS 6.1
# software id = IJEL-ZDRG
#
/interface bridge
add l2mtu=2290 name=ADM protocol-mode=rstp
add l2mtu=1598 name=HSPOT-1
/interface ethernet
set 0 mac-address=4C:5E:0C:35:65:F3
set 1 mac-address=4C:5E:0C:35:65:F4
set 2 mac-address=4C:5E:0C:35:65:F5
set 3 mac-address=4C:5E:0C:35:65:F6
set 4 mac-address=4C:5E:0C:35:65:F7
set 5 mac-address=4C:5E:0C:35:65:F8
set 6 mac-address=4C:5E:0C:35:65:F9
set 7 mac-address=4C:5E:0C:35:65:FA
set 8 mac-address=4C:5E:0C:35:65:FB
set 9 mac-address=4C:5E:0C:35:65:FC
set 10 mac-address=4C:5E:0C:35:65:F2
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 mrru=1600 name=CTBC password=10udi032 user=hugo.jammal@r7.com
/interface wireless
set 0 band=2ghz-b/g/n disabled=no l2mtu=2290 mode=ap-bridge ssid="Apartamento 702"
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk eap-methods=passthrough mode=dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=espinosa191
/ip hotspot profile
add dns-name=login.internet hotspot-address=20.0.0.1 html-directory=htmlv4 login-by=http-chap name=hsprof1
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m mac-cookie-timeout=3d
add idle-timeout=10m keepalive-timeout=2m mac-cookie-timeout=3d name="PADRAO HSPOT" on-login=":local \"userActive\" \$user; \r\
\n:local \"mac\" [/ip hotspot active get [find user=\$\"userActive\"] mac-address]; \r\
\n:local \"ip\" [/ip hotspot active get [find user=\$\"userActive\"] address]; \r\
\n:log info \"{ 'User': '\$\"user\"', 'IP': '\$\"ip\"', 'MAC': '\$\"mac\"', 'Action': 'Login' }\"; " on-logout=":local \"userActive\" \$user;\r\
\n:local \"id\" [/ip hotspot user find name=\$\"user\"]; \r\
\n:local \"uptime\" [/ip hotspot user get [find name=\$\"user\"] uptime]; \r\
\n:local \"limit_uptime\" [/ip hotspot user get [find name=\$\"user\"] limit-uptime]; \r\
\n:local \"idInUse\" [/ip hotspot active find user=\$\"userActive\"]; \r\
\n:log info \"{ 'User': '\$\"user\"', 'UpTime': '\$\"uptime\"', 'LimitUpTime': '\$\"limit_uptime\"', 'Action': 'Logout', 'Id': '\$\"id\"', 'IdInUse': '\$\"idInUse\"' }\
\"; " rate-limit=512k/2048k shared-users=4 transparent-proxy=yes
add idle-timeout=20m keepalive-timeout=2m mac-cookie-timeout=3d name=REUNIAO on-login=":local \"userActive\" \$user; \r\
\n:local \"mac\" [/ip hotspot active get [find user=\$\"userActive\"] mac-address]; \r\
\n:local \"ip\" [/ip hotspot active get [find user=\$\"userActive\"] address]; \r\
\n:log info \"{ 'User': '\$\"user\"', 'IP': '\$\"ip\"', 'MAC': '\$\"mac\"', 'Action': 'Login' }\"; " on-logout=":local \"userActive\" \$user;\r\
\n:local \"id\" [/ip hotspot user find name=\$\"user\"]; \r\
\n:local \"uptime\" [/ip hotspot user get [find name=\$\"user\"] uptime]; \r\
\n:local \"limit_uptime\" [/ip hotspot user get [find name=\$\"user\"] limit-uptime]; \r\
\n:local \"idInUse\" [/ip hotspot active find user=\$\"userActive\"]; \r\
\n:log info \"{ 'User': '\$\"user\"', 'UpTime': '\$\"uptime\"', 'LimitUpTime': '\$\"limit_uptime\"', 'Action': 'Logout', 'Id': '\$\"id\"', 'IdInUse': '\$\"idInUse\"' }\
\"; " rate-limit=1024k/8192k shared-users=50 transparent-proxy=yes
/ip pool
add name=hs-pool-11 ranges=20.0.0.40-20.0.0.254
add name=dhcp_pool1 ranges=192.168.1.2-192.168.1.139
/ip dhcp-server
add address-pool=hs-pool-11 disabled=no interface=HSPOT-1 lease-time=1h name=dhcp1
add address-pool=dhcp_pool1 disabled=no interface=ADM lease-time=1d5h name=dhcp2
/ip hotspot
add address-pool=hs-pool-11 disabled=no interface=HSPOT-1 name=hotspot1 profile=hsprof1
/port
set 0 name=serial0
/interface pptp-client
add allow=pap,chap connect-to=186.222.3.143 disabled=no max-mru=1460 max-mtu=1460 name=pptp-out1 password=hspot@hsystem profile=default user=YZRL-TSXC
/queue simple
add comment="Micro 1" max-limit=512k/2048k name="Micro 1" target=20.0.0.22/32
/system logging action
set 0 memory-lines=1000
set 1 disk-lines-per-file=1000
add name=eventHSPOT remote=192.168.1.2 remote-port=513 target=remote
add name=eventLOG remote=192.168.1.2 target=remote
/certificate scep client
add server=0.0.0.0
/interface bridge port
add bridge=HSPOT-1 interface=ether2
add bridge=HSPOT-1 interface=ether3
add bridge=HSPOT-1 interface=ether4
add bridge=ADM interface=ether6
add bridge=ADM interface=ether7
add bridge=ADM interface=ether8
add bridge=ADM interface=ether9
add bridge=ADM interface=ether10
add bridge=ADM interface=ether5
add bridge=ADM interface=wlan1
/ip address
add address=20.0.0.1/16 comment="Interface HSPOT-1" interface=HSPOT-1 network=20.0.0.0
add address=192.168.1.1/24 comment="Rede ADM" interface=ADM network=192.168.1.0
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether1
/ip dhcp-server lease
add address=192.168.1.2 comment="PC HSPOT RECEPCAO." mac-address=00:22:FB:C7:AA:DA
add address=20.0.0.22 comment="Micro 1" mac-address=00:00:00:00:00:01
/ip dhcp-server network
add address=20.0.0.0/16 comment="Interface HSPOT-1" gateway=20.0.0.1
add address=192.168.1.0/24 gateway=192.168.1.1
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat comment="Compartilha Link HSPOT-1" src-address=20.0.0.0/16 to-addresses=0.0.0.0
add action=masquerade chain=srcnat comment="Compartilha Link ADM" src-address=192.168.1.0/24 to-addresses=0.0.0.0
/ip hotspot ip-binding
add address=20.0.0.22 comment="Micro 1" mac-address=00:00:00:00:00:01 type=bypassed
/ip hotspot user
add name=admin password=hsystem@s
/ip hotspot walled-garden
add dst-host=*hsystem.com.br*
add dst-host=*hspot.com.br*
add comment="place hotspot rules here" disabled=yes
/ip hotspot walled-garden ip
add action=accept disabled=no dst-port=3050 protocol=tcp
add action=accept disabled=no dst-port=1561 protocol=tcp
/ip ipsec peer
add
/ip route
add distance=1 dst-address=11.22.33.0/24 gateway=3.1.1.1
add distance=1 dst-address=20.0.0.5/32 gateway=20.0.0.1 scope=10
add distance=1 dst-address=192.168.1.2/32 gateway=192.168.1.1
/lcd
set backlight-timeout=never current-interface=ether1
/lcd interface
set 0 disabled=yes
set 2 disabled=yes
set 3 disabled=yes
set 4 disabled=yes
set 5 disabled=yes
set 6 disabled=yes
set 7 disabled=yes
set 8 disabled=yes
set 9 disabled=yes
/system clock
set time-zone-name=America/Sao_Paulo
/system identity
set name=AMBIENTE_TESTE
/system logging
add action=eventLOG prefix=<<<usuario>>> topics=hotspot
add action=eventLOG prefix=<<<firewall>>> topics=firewall
add action=eventHSPOT prefix=jsonHSPOT topics=script
/system ntp client
set enabled=yes mode=unicast primary-ntp=159.148.60.2 secondary-ntp=200.20.186.75
/system scheduler
add disabled=yes interval=30s name=schedule1 on-event=dyndns policy=reboot,read,write,policy,test,password,sniff,sensitive start-date=jan/01/1970 start-time=00:00:00
add disabled=yes interval=1m name=schedule2 on-event=changeip policy=reboot,read,write,policy,test,password,sniff,sensitive start-date=may/23/2014 start-time=17:35:09
/system script
add name=dyndns policy=ftp,reboot,read,write,policy,test,winbox,password,sensitive source=":local atualipservervpn [:resolve \"ts.hsystem.com.br\"]\r\
\n:log info \"Atual IP do servidor VPN: \$atualipservervpn\"\r\
\n\r\
\n\r\
\n:local ipcadastradoservervpn [/interface pptp-client get value-name=connect-to pptp-out1]\r\
\n:log info \"IP cadastrado do servidor VPN: \$ipcadastradoservervpn\"\r\
\n\r\
\n\r\
\n:if (\$atualipservervpn != \$ipcadastradoservervpn) do={interface pptp-client set pptp-out1 connect-to=\$atualipservervpn\r\
\n:log info \"Configuracao de VPN alterada\"}"
add name=changeip policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api source="# Dynamic DNS Update / Simple Edition\r\
\n# Written by Sam Norris, ChangeIP.com\r\
\n# Copyright ChangeIP.com 2009-2010\r\
\n# For support send mail to Support@ChangeIP.com\r\
\n#\r\
\n# 2009-06-22 RouterOS 3.25 Tested\r\
\n# 2009-10-05 RouterOS 4.01rc1 Tested\r\
\n#\r\
\n# OVERVIEW: %\r\
\n# This script will update a ChangeIP.com dynamic dns hostname\r\
\n# with an ip address located directly on an interface.\r\
\n# %\r\
\n# NOTES: %\r\
\n# IF THIS SCRIPT DOES NOT PRODUCE ANY OUTPUT PLEASE COPY AND PASTE IT\r\
\n# AGAIN. THERE PROBABLY IS A LINE BREAK IN THE WRONG PLACE! Once you\r\
\n# have created this script and tested that it works by running it\r\
\n# manually you can schedule it to run every few minutes.\r\
\n# %\r\
\n# CONFIGURATION FIELD DEFINITIONS:\r\
\n# ddnsuser: ChangeIP.com user id.\r\
\n# ddnspass: Enter your ChangeIP.com password.\r\
\n# ddnshost: Enter the hostname (www.example.com) to update.\r\
\n# ddnsinterface: Enter an interface name - case sensative.\r\
\n# %\r\
\n# %\r\
\n# %\r\
\n# %\r\
\n# % % %\r\
\n# % % %\r\
\n# % % %\r\
\n# %\r\
\n# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\
\n# EDIT YOUR DETAILS / CONFIGURATION HERE\r\
\n# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\
\n:global ddnsuser \"hugo_jammal@hotmail.com\"\r\
\n:global ddnspass \"mikrotikhu\"\r\
\n:global ddnshost \"hoteluniverso.changeip.net\"\r\
\n:global ddnsinterface \"CTBC\"\r\
\n# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\
\n# END OF USER DEFINED CONFIGURATION\r\
\n# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\
\n\r\
\n:global ddnssystem (\"mt-\" . [/system package get [/system package find name=system] version] )\r\
\n:global ddnsip [ /ip address get [/ip address find interface=\$ddnsinterface] address ]\r\
\n:global ddnslastip\r\
\n\r\
\n:if ([:len [/interface find name=\$ddnsinterface]] = 0 ) do={ :log info \"DDNS: No interface named \$ddnsinterface, please check configuration.\" }\r\
\n\r\
\n:if ([ :typeof \$ddnslastip ] = \"nothing\" ) do={ :global ddnslastip 0.0.0.0/0 }\r\
\n\r\
\n:if ([ :typeof \$ddnsip ] = \"nothing\" ) do={\r\
\n\r\
\n:log info (\"DDNS: No ip address present on \" . \$ddnsinterface . \", please check.\")\r\
\n\r\
\n} else={\r\
\n\r\
\n :if (\$ddnsip != \$ddnslastip) do={\r\
\n\r\
\n :log info \"DDNS: Sending UPDATE!\"\r\
\n :log info [ :put [/tool dns-update name=\$ddnshost address=[:pick \$ddnsip 0 [:find \$ddnsip \"/\"] ] key-name=\$ddnsuser key=\$ddnspass ] ]\r\
\n :global ddnslastip \$ddnsip\r\
\n\r\
\n } else={ \r\
\n\r\
\n :log info \"DDNS: No changes necessary.\"\r\
\n\r\
\n }\r\
\n\r\
\n}\r\
\n\r\
\n# END OF SCRIPT"
/tool graphing interface
add
add
/tool graphing resource
add
/tool netwatch
add comment="Monitorar internet" down-script="/system script run DOWN-LINK \\r\\n" host=8.8.8.8 interval=5s up-script=\
"=/system scheduler enabled [/system scheduler find name=remover_dns_dinamico]\\r\\n/ system script run LINK-UP\\r\\n"
 
hugojammal
just joined
Topic Author
Posts: 9
Joined: Thu Jun 05, 2014 1:35 am

Re: PING in 2 networks

Tue Jun 10, 2014 12:58 pm

Post our put from /export compact.
Celtic, I'm was tinking that is not possible to set static routes for 2 bridges.

Because the bridges are a kind of a route, am I correct?

So what about the NAT rules?
 
User avatar
c0d3rSh3ll
Long time Member
Long time Member
Posts: 558
Joined: Mon Jul 25, 2011 9:42 pm
Location: [admin@Chile] >

Re: PING in 2 networks

Tue Jun 10, 2014 6:51 pm

If you need access to AP first add the mac address of each device to ip-binding section.

sent from my mobile phone using tapatalk
nothing
 
hugojammal
just joined
Topic Author
Posts: 9
Joined: Thu Jun 05, 2014 1:35 am

Re: PING in 2 networks

Wed Jun 11, 2014 1:55 am

If you need access to AP first add the mac address of each device to ip-binding section.

sent from my mobile phone using tapatalk
Tanks. it works perfectlly. Without routes, just ip binding

But is it possible to configure in a different way (without MAC)?
Because, my objective is to tell to somebody install or replace damaged AP and I remotely configure it. Some cases the pepople who goes to install this AP are completely nooby and hasn't the skills to send me the MAC adress.

Who is online

Users browsing this forum: cusna, erlinden, Kindis and 242 guests