Okay 2 days straight now almost 10 hrs a day. lol

read who knows how many how-tos and followed a whole bunch of examples. here my setup..
Here is my pc settings connected to regular lynksys router

Physical Address: 00-13-D4-08-EE-17
IP Address: 192.168.15.100
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.15.1
DHCP Server: 192.168.15.1
Lease Obtained: 5/21/2007 12:50:06 AM
Lease Expires: 5/22/2007 12:50:06 AM
DNS Servers: 206.47.244.89, 206.47.244.139
WINS Server:


First off, I have 2 pc nodes, both with XR2 radios. As soon as I can figure all this out, I want to setup a 30 node mesh.


Here is what I have done.

First off ,

ip address > wlan1=10.0.0.2/24
ip address > ether1=192.168.15.105/24 <-- connected to lynksys router
ip address > bridge1=192.168.0.1 <--not sure about this one, I just added it an hour ago and tried a whole bunch of stuff.

I created a bridge1 and in ports added both wlan1 and ether1 to bridge.

Now for the good stuff.

If i create a dhcp server with the wizard setup like this..

Server Interface>bridge1
dhcp address space>192.168.15.0/24
gateway for dhcp network>192.168.15.1
dns servers>206.47.244.89 and 206.47.244.139 <--same as what show on my pc tcp settings given from ISP
lease time> 3 days

I can connect to the internet no problem from laptop via wireless. Oh yah wireless is configured as AP-bridge wds dynamic

if I erase all my dhcp server stuff and now go into the hotspot wizard , this is one of the many setups I have tried,.

Hotspot interface>bridge1
local address of network>192.168.15.105/24
select certificate>none
ip of SMTP>0.0.0.0
dns servers> 206.47.244.89 <--same as what my ISP has given my pc
dns name>test

Now the wizard added itsa stuff abit everywhere and I see the dhcp server settings also. If I try to connect with laptop, i can blank explorer page, after playing with more settings in dhcp like the gateway, I can get to where after typing in a url I see that it tries to go get the login authenticate page in the url but I get blank browser page. I dont know what I did at one point in my 20 hrs in 2 days of playing around with the thing, bu once I actually got the login page..

I have a feeling among my other 20 mistakes, that it also has something to do with the dns info im putting in the hotspot wizard.


Amy and All comments would be appreciated. I have read really alot of how to s and still am a no go for what im looking to achieve.

Thx in advance...

I can see quite a few fundamental mistakes here, and if I were you I'd get some expert assistance to set up your 30-node mesh...

But for the first - here's some tips:

Bridging - there's no point in putting IP's on separate interfaces if you're bridging all of them. Put all your IP's on the bridge. Remember if you bridge, then all bridged interfaces can be seen from each other, and you don'y necessarily want that.

Gateway - I don't see a mention of a gateway defined on your MT router.

BUT - if you want to run Hotspot on an interface, then don't bridge it - route it... but Hotspot on bridge will work in certain circumstances.

If Hotspot is not showing you your login page, then the router can't find the Internet - test this by pinging a website from the router terminal window.

Now - what purpose is the Linksys router serving? is it an ADSL router? Can you make the MT manage the Internet connection?

My suggestion is:

Delete your bridge (actually - use '/system reset' in terminal window)
Add only an IP on the LAN (192.168.15.100)
Add a default gateway address (Linksys addr)
Add yr ISP DNS address in ip/dns/settings - make sure u check 'accept remote requests'
Run the Hotspot wizard for the Wlan interface
Use the Hotpot address (10.5.50.1 default for MT) on the Wlan as the DNS address in the hotspot wizard.

And that should work...

HI thx a million for the reply.

The linksys router is need for a server, my pc, a dvb satellite unit and connects the mt unit.

k I gave the ether1 ip of 192.168.15.105 which is what the lynksys wants it 2 have.

added in ip address settings the dns info of isp

setup wizard
hs interface on wlan
used default ip that was there 10.5.50.0/24
added 10.5.50 as primary dns when asked as you mentioned.

just one thing, where would I add the gateway that you mentioned (ip of lynksys router (192.168.15.1) )? cause at the moment, no go..! I also just quickcly tried in dhcp server/network to change the gateway there to 192.168.15.1 and no go. I put it back to what it was which was 10.5.50.0..

Don't get confused between the gateway of the hotspot client & the gateway of the router.

client---->gateway(hotspot)--->MT gateway (linksys)--->Linksys--->internet

Set the MT gateway in /ip routes

/ip route add gateway=192.168.15.1 (linksys)

or in Winbox - click IP-->routes, '+' add gateway address with dst-address 0.0.0.0/0

OO MMM GGGG IT WORKS

I dont belive it, thx man!!!!!

Wht couldnt there have been a simple how to just like yours..? anyways

I dont know if your up 2 helping me with my next issue..

mesh with other mt box.

Im already setup as ap-bridge with wds dynamic

apart from having the samme ssid and freq. etc on client mt, what more must I do for the client ap to connect with gateway mt?

Glad I could help!

Now this is where it gets a bit complicated.

2 options of approach:
set up another hotspot on the 2nd router
set up hotspot on 1st rtr only and forward hotspot requests from 2nd rtr

for method2:

rtr1:
Create a bridge
set wlan mode to AP bridge
set wlan WDS mode to dynamic, default bridge to yr new bridge
move all hotspot & DHCP settings from wlan to the bridge

rtr2:
create a bridge
set wlan mode to AP bridge
set wlan WDS mode to dynamic, default bridge to yr new bridge
add IP 10.5.50.2 to the bridge
add gateway (default route) as 10.5.50.1 (rtr 1)
ip dns can be rtr1, but not needed in this case (just for testing)

back on rtr 1 (winbox):
ip-->hotspot-->ip bindings-->add-->
set only:
address = 10.5.50.2 (rtr2)
server = 'all' or specific hs-server
type = bypass

this allows rtr2 to bypass the hotspot firewall & forward client requests to the hotspot.

adding node 3-30 works essentially the same in theory, but with added loop-prevention settings (STP/RSTP) and wireless connect rules.
When the mesh gets bigger, it doesn't go as easily as this....

There are some good threads on the later stage settings for a mesh on the forums.

hmm followed instructions.. no go, couple questions..

In the bridge section on rtr1 u said to add bridge then select bridge1 in WDS etc, thats all fine, but in bridge>ports I see that WDS was added, do I need to add i ports also wlan1 and or ether1? or since u didnt mentione that, just leave with the wds entry in there?

Same as in rtr2. I gave bridge ip etc and in ports see wds entry. Do I add wlan1 in there? or no?

also in rtr2 , do I leave ip address for wlan which I gave it in the beginning? or remove its ip addy and have only the addy for the bridge which i created?

Thx in advance

christophe_007 at hotmail dot com msn messe...

remember what i said about adding individual ip's to bridged interfaces.

If you have a bridge with interfaces in the bridge, you only need an ip on the bridge. So, remove the 'old' ip - better yet, do /system reset on rtr2...

rtr1 configuration concept remains the same as your first test one - no bridged ethernet, only routed with default gateway as before.

It's not necessary to add the wlan & the wds to the bridge, as the wds is the wireless bridge between the 2 nodes. Bridging them won't change anything.

test from rtr2 - ping rtr1 & the linksys gateway. Set /ip dns and ping a website address...

HI im not having to much success. At this point im not even able to get back to my basic hotspot. Idont know what im doing wrong. I got once before all was well, know im a sh!!ts creek lol Would you or anyone else for that matter be willing to make a config file for me and i can ifcourse put something in your pocket for your troubles...??

post your exported (cleaned up) config for each router here & I'll have a look... use
Then clean it up (remove all irrelevant script portions) and copy & paste here...

rtr1 with lan connection 192.168.15.105 - gateway of router 192.168.15.1


# may/27/2007 20:22:33 by RouterOS 2.9.43
# software id = N0W9-ILN
#
/ interface ethernet
set ether1 name="ether1" mtu=1500 mac-address=00:B0:D0:F1:30:B4 arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
/ interface wireless
set wlan1 name="wlan1" mtu=1500 mac-address=00:15:6D:63:14:81 arp=enabled \
disable-running-check=no radio-name="00156D631481" mode=ap-bridge \
ssid="POGOsansfil" area="" frequency-mode=manual-txpower \
country=no_country_set antenna-gain=0 frequency=2462 band=2.4ghz-b/g \
scan-list=default rate-set=configured \
supported-rates-b=1Mbps,2Mbps,5.5Mbps,11Mbps \
supported-rates-a/g=6Mbps,9Mbps,12Mbps,18Mbps basic-rates-b=1Mbps \
basic-rates-a/g=6Mbps max-station-count=2007 ack-timeout=dynamic \
tx-power-mode=default noise-floor-threshold=default \
periodic-calibration=default periodic-calibration-interval=60 \
burst-time=disabled dfs-mode=none antenna-mode=ant-a wds-mode=dynamic \
wds-default-bridge=bridge1 wds-default-cost=100 wds-cost-range=50-150 \
wds-ignore-ssid=no update-stats-interval=disabled \
default-authentication=yes default-forwarding=yes default-ap-tx-limit=0 \
default-client-tx-limit=0 proprietary-extensions=post-2.9.25 hide-ssid=no \
security-profile=default disconnect-timeout=3s on-fail-retry-time=100ms \
preamble-mode=both compression=no allow-sharedkey=no comment="" \
disabled=no
/ interface wireless nstreme
set wlan1 enable-nstreme=no enable-polling=yes framer-policy=none \
framer-limit=3200
/ interface wireless manual-tx-power-table
set wlan1 manual-tx-powers=1Mbps:17,2Mbps:17,5.5Mbps:17,11Mbps:17,6Mbps:17,9Mbp\
s:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,54Mbps:17
/ interface wireless security-profiles
set default name="default" mode=none authentication-types="" \
unicast-ciphers="" group-ciphers="" wpa-pre-shared-key="" \
wpa2-pre-shared-key="" eap-methods=passthrough tls-mode=no-certificates \
tls-certificate=none static-algo-0=none static-key-0="" static-algo-1=none \
static-key-1="" static-algo-2=none static-key-2="" static-algo-3=none \
static-key-3="" static-transmit-key=key-0 static-sta-private-algo=none \
static-sta-private-key="" radius-mac-authentication=no group-key-update=5m
/ interface wireless wds
/ interface wireless align
set frame-size=300 active-mode=yes receive-all=no \
audio-monitor=00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 ssid-all=no \
frames-per-second=25 audio-min=-100 audio-max=-20
/ interface wireless snooper
set multiple-channels=yes channel-time=200ms receive-errors=no
/ interface wireless sniffer
set multiple-channels=no channel-time=200ms only-headers=no receive-errors=no \
memory-limit=10 file-name="" file-limit=10 streaming-enabled=no \
streaming-server=0.0.0.0 streaming-max-rate=0
/ interface bridge
add name="bridge1" mtu=1500 arp=enabled protocol-mode=none priority=0x8000 \
auto-mac=yes admin-mac=00:00:00:00:67:65 max-message-age=20s \
forward-delay=15s transmit-hold-count=6 ageing-time=5m comment="" \
disabled=no
/ interface bridge port
/ interface l2tp-server server
set enabled=no max-mtu=1460 max-mru=1460 \
authentication=pap,chap,mschap1,mschap2 default-profile=default-encryption
/ interface pptp-server server
set enabled=no max-mtu=1460 max-mru=1460 authentication=mschap1,mschap2 \
keepalive-timeout=30 default-profile=default-encryption
/ ip pool
add name="hs-pool-3" ranges=10.5.50.2-10.5.50.254
/ ip ipsec proposal
add name="default" auth-algorithms=sha1 enc-algorithms=3des lifetime=30m \
lifebytes=0 pfs-group=modp1024 disabled=no
/ ip telephony region
/ ip telephony gatekeeper
set gatekeeper=none remote-id="" remote-address=0.0.0.0
/ ip telephony aaa
set use-radius-accounting=no interim-update=0s
/ ip telephony codec
move G.711-uLaw-64k/sw
move G.711-ALaw-64k/sw
move G.729A-8k/sw
move G.729-8k/sw
move G.723.1-6.3k/sw
move GSM-06.10-13.2k/sw
move LPC-10-2.5k/sw
/ ip service
set telnet port=23 address=0.0.0.0/0 disabled=no
set ftp port=21 address=0.0.0.0/0 disabled=no
set www port=80 address=0.0.0.0/0 disabled=no
set ssh port=22 address=0.0.0.0/0 disabled=no
set www-ssl port=443 address=0.0.0.0/0 certificate=none disabled=yes
/ ip upnp
set enabled=no allow-disable-external-interface=yes show-dummy-rule=yes
/ ip arp
/ ip socks
set enabled=no port=1080 connection-idle-timeout=2m max-connections=200
/ ip dns
set primary-dns=10.5.50.1 secondary-dns=206.47.244.139 \
allow-remote-requests=yes cache-size=2048KiB cache-max-ttl=1w
/ ip dns static
/ ip traffic-flow
set enabled=no interfaces=all cache-entries=4k active-flow-timeout=30m \
inactive-flow-timeout=15s
/ ip address
add address=192.168.15.105/24 network=192.168.15.0 broadcast=192.168.15.255 \
interface=ether1 comment="" disabled=no
add address=10.5.50.1/24 network=10.5.50.0 broadcast=10.5.50.255 \
interface=bridge1 comment="hotspot network" disabled=no
/ ip proxy
set enabled=no port=8080 parent-proxy=0.0.0.0:0 maximal-client-connecions=1000 \
maximal-server-connectons=1000
/ ip proxy access
add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" \
disabled=no
/ ip accounting
set enabled=no account-local-traffic=no threshold=256
/ ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ ip neighbor discovery
set ether1 discover=yes
set wlan1 discover=yes
set bridge1 discover=yes
/ ip route
add dst-address=0.0.0.0/0 gateway=192.168.15.1 distance=1 scope=255 \
target-scope=10 comment="" disabled=no
/ ip firewall nat
add chain=srcnat src-address=10.5.50.0/24 action=masquerade \
comment="masquerade hotspot network" disabled=no
/ ip firewall filter
/ ip firewall service-port
set ftp ports=21 disabled=no
set tftp ports=69 disabled=no
set irc ports=6667 disabled=no
set h323 disabled=yes
set quake3 disabled=no
set gre disabled=yes
set pptp disabled=yes
/ ip firewall connection tracking
set enabled=yes tcp-syn-sent-timeout=5s tcp-syn-received-timeout=5s \
tcp-established-timeout=1d tcp-fin-wait-timeout=10s \
tcp-close-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-time-wait-timeout=10s tcp-close-timeout=10s udp-timeout=10s \
udp-stream-timeout=3m icmp-timeout=10s generic-timeout=10m \
tcp-syncookie=no
/ ip dhcp-server
add name="dhcp1" interface=bridge1 lease-time=1h address-pool=hs-pool-3 \
bootp-support=static authoritative=after-2sec-delay disabled=no
/ ip dhcp-server config
set store-leases-disk=5m
/ ip dhcp-server network
add address=10.5.50.0/24 gateway=10.5.50.1 comment="hotspot network"
/ ip hotspot
add name="hotspot1" interface=bridge1 address-pool=hs-pool-3 profile=hsprof1 \
idle-timeout=5m keepalive-timeout=none addresses-per-mac=2 disabled=no
/ ip hotspot service-port
set ftp ports=21 disabled=no
/ ip hotspot ip-binding
add address=10.5.50.2 type=bypassed comment="" disabled=no
/ ip hotspot profile
set default name="default" hotspot-address=0.0.0.0 dns-name="" \
html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 \
smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d \
split-user-domain=no use-radius=no
add name="hsprof1" hotspot-address=10.5.50.1 dns-name="pogodns" \
html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 \
smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d \
split-user-domain=no use-radius=no
/ ip hotspot user
add name="admin" password="" profile=default comment="" disabled=no
/ ip hotspot user profile
set default name="default" idle-timeout=none keepalive-timeout=2m \
status-autorefresh=1m shared-users=1 transparent-proxy=yes \
open-status-page=always advertise=no
/ ip web-proxy
set enabled=no src-address=0.0.0.0 port=3128 hostname="proxy" \
transparent-proxy=no parent-proxy=0.0.0.0:0 \
cache-administrator="webmaster" max-object-size=4096KiB cache-drive=system \
max-cache-size=none max-ram-cache-size=unlimited
/ ip web-proxy access
add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" \
disabled=no
/ ip web-proxy cache
add url=":cgi-bin \\\?" action=deny comment="don't cache dynamic http pages" \
disabled=no
/ system logging
add topics=info prefix="" action=memory disabled=no
add topics=error prefix="" action=memory disabled=no
add topics=warning prefix="" action=memory disabled=no
add topics=critical prefix="" action=echo disabled=no
/ system logging action
set memory name="memory" target=memory memory-lines=100 memory-stop-on-full=no
set disk name="disk" target=disk disk-lines=100 disk-stop-on-full=no
set echo name="echo" target=echo remember=yes
set remote name="remote" target=remote remote=0.0.0.0:514
/ system upgrade mirror
set enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0 \
check-interval=1d user=""
/ system clock manual
set time-zone=+00:00 dst-delta=+00:00 dst-start="jan/01/1970 00:00:00" \
dst-end="jan/01/1970 00:00:00"
/ system watchdog
set reboot-on-failure=yes watch-address=none watchdog-timer=yes \
no-ping-delay=5m automatic-supout=yes auto-send-supout=no
/ system console
add port=serial0 term="" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
/ system console screen
set line-count=25
/ system identity
set name="MikroTik"
/ system note
set show-at-login=yes note=""
/ system gps
set enabled=no set-system-time=yes
/ system lcd
set enabled=no type=24x4 port=parallel contrast=0
/ system lcd page
set time display-time=5s disabled=yes
set resources display-time=5s disabled=yes
set uptime display-time=5s disabled=yes
set packets display-time=5s disabled=yes
set bits display-time=5s disabled=yes
set version display-time=5s disabled=yes
set bridge1 display-time=5s disabled=yes
set wlan1 display-time=5s disabled=yes
set ether1 display-time=5s disabled=yes
set wds1 display-time=5s disabled=yes
/ system ntp server
set enabled=no broadcast=no multicast=no manycast=yes
/ system ntp client
set enabled=no mode=unicast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/ system health
set state-after-reboot=enabled
/ system routerboard bios
set
/ port
set serial0 name="serial0" baud-rate=9600 data-bits=8 parity=none stop-bits=1 \
flow-control=hardware
set serial1 name="serial1" baud-rate=9600 data-bits=8 parity=none stop-bits=1 \
flow-control=hardware
/ ppp profile
set default name="default" use-compression=default use-vj-compression=default \
use-encryption=default only-one=default change-tcp-mss=yes comment=""
set default-encryption name="default-encryption" use-compression=default \
use-vj-compression=default use-encryption=yes only-one=default \
change-tcp-mss=yes comment=""
/ ppp aaa
set use-radius=no accounting=yes interim-update=0s
/ queue type
set default name="default" kind=pfifo pfifo-limit=50
set ethernet-default name="ethernet-default" kind=pfifo pfifo-limit=50
set wireless-default name="wireless-default" kind=sfq sfq-perturb=5 \
sfq-allot=1514
set synchronous-default name="synchronous-default" kind=red red-limit=60 \
red-min-threshold=10 red-max-threshold=50 red-burst=20 red-avg-packet=1000
set hotspot-default name="hotspot-default" kind=sfq sfq-perturb=5 \
sfq-allot=1514
add name="default-small" kind=pfifo pfifo-limit=10
/ queue interface
set ether1 queue=ethernet-default
set wlan1 queue=wireless-default
set bridge1 queue=default
set wds1 queue=wireless-default
/ queue simple
/ tool bandwidth-server
set enabled=yes authenticate=yes allocate-udp-ports-from=2000 max-sessions=10
/ tool mac-server ping
set enabled=yes
/ tool e-mail
set server=0.0.0.0 from="<>"
/ tool sniffer
set interface=all only-headers=no memory-limit=10 file-name="" file-limit=10 \
streaming-enabled=no streaming-server=0.0.0.0 filter-stream=yes \
filter-protocol=ip-only filter-address1=0.0.0.0/0:0-65535 \
filter-address2=0.0.0.0/0:0-65535
/ tool graphing
set store-every=5min
/ user
add name="admin" group=full address=0.0.0.0/0 comment="system default user" \
disabled=no
/ user group
add name="read" policy=local,telnet,ssh,reboot,read,test,winbox,password,web,!f\
tp,!write,!policy
add name="write" policy=local,telnet,ssh,reboot,read,write,test,winbox,password\
,web,!ftp,!policy
add name="full" policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbo\
x,password,web
/ user aaa
set use-radius=no accounting=yes interim-update=0s default-group=read
/ radius incoming
set accept=no port=1700
/ driver
/ snmp
set enabled=no contact="" location=""
/ snmp community
set public name="public" address=0.0.0.0/0 read-access=yes
/ routing ospf
set router-id=0.0.0.0 distribute-default=never redistribute-connected=no \
redistribute-static=no redistribute-rip=no redistribute-bgp=no \
metric-default=1 metric-connected=20 metric-static=20 metric-rip=20 \
metric-bgp=20
/ routing ospf area
set backbone area-id=0.0.0.0 type=default translator-role=translate-candidate \
authentication=none disabled=no
/ routing bgp instance
set default name="default" as=65530 router-id=0.0.0.0 \
redistribute-connected=no redistribute-static=no redistribute-rip=no \
redistribute-ospf=no redistribute-other-bgp=no out-filter="" \
client-to-client-reflection=yes ignore-as-path-len=no comment="" \
disabled=no
/ routing rip
set distribute-default=never redistribute-static=no redistribute-connected=no \
redistribute-ospf=no redistribute-bgp=no metric-default=1 metric-static=1 \
metric-connected=1 metric-ospf=1 metric-bgp=1 update-timer=30s \
timeout-timer=3m garbage-timer=2m
/ routing rip interface
add interface=all receive=v2 send=v2 authentication=none authentication-key="" \
key-chain="" in-filter="" out-filter="" disabled=no


rtr2

to be AP and mesh unit to rtr1



# may/27/2007 20:13:47 by RouterOS 2.9.43
# software id = BQG2-SQT
#
/ interface ethernet
set ether1 name="ether1" mtu=1500 mac-address=00:B0:D0:97:59:64 arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
/ interface wireless
set wlan1 name="wlan1" mtu=1500 mac-address=00:15:6D:63:14:7A arp=enabled \
disable-running-check=no radio-name="00156D63147A" mode=ap-bridge \
ssid="POGOsansfil" area="" frequency-mode=manual-txpower \
country=no_country_set antenna-gain=0 frequency=2462 band=2.4ghz-b/g \
scan-list=default rate-set=configured \
supported-rates-b=1Mbps,2Mbps,5.5Mbps,11Mbps \
supported-rates-a/g=6Mbps,9Mbps,12Mbps,18Mbps basic-rates-b=1Mbps \
basic-rates-a/g=6Mbps max-station-count=2007 ack-timeout=dynamic \
tx-power-mode=default noise-floor-threshold=default \
periodic-calibration=default periodic-calibration-interval=60 \
burst-time=disabled dfs-mode=none antenna-mode=ant-a wds-mode=dynamic \
wds-default-bridge=bridge1 wds-default-cost=100 wds-cost-range=50-150 \
wds-ignore-ssid=no update-stats-interval=disabled \
default-authentication=yes default-forwarding=yes default-ap-tx-limit=0 \
default-client-tx-limit=0 proprietary-extensions=post-2.9.25 hide-ssid=no \
security-profile=default disconnect-timeout=3s on-fail-retry-time=100ms \
preamble-mode=both compression=no allow-sharedkey=no comment="" \
disabled=no
/ interface wireless nstreme
set wlan1 enable-nstreme=no enable-polling=yes framer-policy=none \
framer-limit=3200
/ interface wireless manual-tx-power-table
set wlan1 manual-tx-powers=1Mbps:17,2Mbps:17,5.5Mbps:17,11Mbps:17,6Mbps:17,9Mbp\
s:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,54Mbps:17
/ interface wireless security-profiles
set default name="default" mode=none authentication-types="" \
unicast-ciphers="" group-ciphers="" wpa-pre-shared-key="" \
wpa2-pre-shared-key="" eap-methods=passthrough tls-mode=no-certificates \
tls-certificate=none static-algo-0=none static-key-0="" static-algo-1=none \
static-key-1="" static-algo-2=none static-key-2="" static-algo-3=none \
static-key-3="" static-transmit-key=key-0 static-sta-private-algo=none \
static-sta-private-key="" radius-mac-authentication=no group-key-update=5m
/ interface wireless align
set frame-size=300 active-mode=yes receive-all=no \
audio-monitor=00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 ssid-all=no \
frames-per-second=25 audio-min=-100 audio-max=-20
/ interface wireless snooper
set multiple-channels=yes channel-time=200ms receive-errors=no
/ interface wireless sniffer
set multiple-channels=no channel-time=200ms only-headers=no receive-errors=no \
memory-limit=10 file-name="" file-limit=10 streaming-enabled=no \
streaming-server=0.0.0.0 streaming-max-rate=0
/ interface bridge
add name="bridge1" mtu=1500 arp=enabled protocol-mode=none priority=0x8000 \
auto-mac=yes admin-mac=00:00:00:00:67:65 max-message-age=20s \
forward-delay=15s transmit-hold-count=6 ageing-time=5m comment="" \
disabled=no
/ interface l2tp-server server
set enabled=no max-mtu=1460 max-mru=1460 \
authentication=pap,chap,mschap1,mschap2 default-profile=default-encryption
/ interface pptp-server server
set enabled=no max-mtu=1460 max-mru=1460 authentication=mschap1,mschap2 \
keepalive-timeout=30 default-profile=default-encryption
/ ip ipsec proposal
add name="default" auth-algorithms=sha1 enc-algorithms=3des lifetime=30m \
lifebytes=0 pfs-group=modp1024 disabled=no
/ ip telephony region
/ ip telephony gatekeeper
set gatekeeper=none remote-id="" remote-address=0.0.0.0
/ ip telephony aaa
set use-radius-accounting=no interim-update=0s
/ ip telephony codec
move G.711-uLaw-64k/sw
move G.711-ALaw-64k/sw
move G.729A-8k/sw
move G.729-8k/sw
move G.723.1-6.3k/sw
move GSM-06.10-13.2k/sw
move LPC-10-2.5k/sw
/ ip service
set telnet port=23 address=0.0.0.0/0 disabled=no
set ftp port=21 address=192.168.15.101/32 disabled=no
set www port=80 address=0.0.0.0/0 disabled=no
set ssh port=22 address=192.168.15.101/32 disabled=no
set www-ssl port=443 address=0.0.0.0/0 certificate=none disabled=yes
/ ip upnp
set enabled=no allow-disable-external-interface=yes show-dummy-rule=yes
/ ip socks
set enabled=no port=1080 connection-idle-timeout=2m max-connections=200
/ ip dns
set primary-dns=10.5.50.1 secondary-dns=0.0.0.0 allow-remote-requests=yes \
cache-size=2048KiB cache-max-ttl=1w
/ ip traffic-flow
set enabled=no interfaces=all cache-entries=4k active-flow-timeout=30m \
inactive-flow-timeout=15s
/ ip address
add address=10.5.50.2/24 network=10.5.50.0 broadcast=10.5.50.255 \
interface=bridge1 comment="" disabled=no
/ ip proxy
set enabled=no port=8080 parent-proxy=0.0.0.0:0 maximal-client-connecions=1000 \
maximal-server-connectons=1000
/ ip proxy access
add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" \
disabled=no
/ ip accounting
set enabled=no account-local-traffic=no threshold=256
/ ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ ip neighbor discovery
set ether1 discover=yes
set wlan1 discover=yes
set bridge1 discover=yes
/ ip route
add dst-address=0.0.0.0/0 gateway=10.5.50.1 distance=1 scope=255 \
target-scope=10 comment="" disabled=no
/ ip firewall service-port
set ftp ports=21 disabled=no
set tftp ports=69 disabled=no
set irc ports=6667 disabled=no
set h323 disabled=yes
set quake3 disabled=no
set gre disabled=yes
set pptp disabled=yes
/ ip firewall connection tracking
set enabled=yes tcp-syn-sent-timeout=5s tcp-syn-received-timeout=5s \
tcp-established-timeout=1d tcp-fin-wait-timeout=10s \
tcp-close-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-time-wait-timeout=10s tcp-close-timeout=10s udp-timeout=10s \
udp-stream-timeout=3m icmp-timeout=10s generic-timeout=10m \
tcp-syncookie=no
/ ip dhcp-server config
set store-leases-disk=5m
/ ip hotspot service-port
set ftp ports=21 disabled=no
/ ip hotspot profile
set default name="default" hotspot-address=0.0.0.0 dns-name="" \
html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 \
smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d \
split-user-domain=no use-radius=no
/ ip hotspot user profile
set default name="default" idle-timeout=none keepalive-timeout=2m \
status-autorefresh=1m shared-users=1 transparent-proxy=yes \
open-status-page=always advertise=no
/ ip web-proxy
set enabled=no src-address=0.0.0.0 port=3128 hostname="proxy" \
transparent-proxy=no parent-proxy=0.0.0.0:0 \
cache-administrator="webmaster" max-object-size=4096KiB cache-drive=system \
max-cache-size=none max-ram-cache-size=unlimited
/ ip web-proxy access
add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" \
disabled=no
/ ip web-proxy cache
add url=":cgi-bin \\\?" action=deny comment="don't cache dynamic http pages" \
disabled=no
/ system logging
add topics=info prefix="" action=memory disabled=no
add topics=error prefix="" action=memory disabled=no
add topics=warning prefix="" action=memory disabled=no
add topics=critical prefix="" action=echo disabled=no
/ system logging action
set memory name="memory" target=memory memory-lines=100 memory-stop-on-full=no
set disk name="disk" target=disk disk-lines=100 disk-stop-on-full=no
set echo name="echo" target=echo remember=yes
set remote name="remote" target=remote remote=0.0.0.0:514
/ system upgrade mirror
set enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0 \
check-interval=1d user=""
/ system clock manual
set time-zone=+00:00 dst-delta=+00:00 dst-start="jan/01/1970 00:00:00" \
dst-end="jan/01/1970 00:00:00"
/ system watchdog
set reboot-on-failure=yes watch-address=none watchdog-timer=yes \
no-ping-delay=5m automatic-supout=yes auto-send-supout=no
/ system console
add port=serial0 term="" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
/ system console screen
set line-count=25
/ system identity
set name="MikroTik"
/ system note
set show-at-login=yes note=""
/ system gps
set enabled=no set-system-time=yes
/ system lcd
set enabled=no type=24x4 port=parallel contrast=0
/ system lcd page
set time display-time=5s disabled=yes
set resources display-time=5s disabled=yes
set uptime display-time=5s disabled=yes
set packets display-time=5s disabled=yes
set bits display-time=5s disabled=yes
set version display-time=5s disabled=yes
set bridge1 display-time=5s disabled=yes
set wlan1 display-time=5s disabled=yes
set ether1 display-time=5s disabled=yes
/ system ntp server
set enabled=no broadcast=no multicast=no manycast=yes
/ system ntp client
set enabled=no mode=unicast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/ system health
set state-after-reboot=enabled
/ system routerboard bios
set
/ port
set serial0 name="serial0" baud-rate=9600 data-bits=8 parity=none stop-bits=1 \
flow-control=hardware
set serial1 name="serial1" baud-rate=9600 data-bits=8 parity=none stop-bits=1 \
flow-control=hardware
/ ppp profile
set default name="default" use-compression=default use-vj-compression=default \
use-encryption=default only-one=default change-tcp-mss=yes comment=""
set default-encryption name="default-encryption" use-compression=default \
use-vj-compression=default use-encryption=yes only-one=default \
change-tcp-mss=yes comment=""
/ ppp aaa
set use-radius=no accounting=yes interim-update=0s
/ queue type
set default name="default" kind=pfifo pfifo-limit=50
set ethernet-default name="ethernet-default" kind=pfifo pfifo-limit=50
set wireless-default name="wireless-default" kind=sfq sfq-perturb=5 \
sfq-allot=1514
set synchronous-default name="synchronous-default" kind=red red-limit=60 \
red-min-threshold=10 red-max-threshold=50 red-burst=20 red-avg-packet=1000
set hotspot-default name="hotspot-default" kind=sfq sfq-perturb=5 \
sfq-allot=1514
add name="default-small" kind=pfifo pfifo-limit=10
/ queue interface
set ether1 queue=ethernet-default
set wlan1 queue=wireless-default
set bridge1 queue=default
/ tool bandwidth-server
set enabled=yes authenticate=yes allocate-udp-ports-from=2000 max-sessions=10
/ tool mac-server ping
set enabled=yes
/ tool e-mail
set server=0.0.0.0 from="<>"
/ tool sniffer
set interface=all only-headers=no memory-limit=10 file-name="" file-limit=10 \
streaming-enabled=no streaming-server=0.0.0.0 filter-stream=yes \
filter-protocol=ip-only filter-address1=0.0.0.0/0:0-65535 \
filter-address2=0.0.0.0/0:0-65535
/ tool graphing
set store-every=5min
/ user
add name="admin" group=full address=0.0.0.0/0 comment="system default user" \
disabled=no
/ user group
add name="read" policy=local,telnet,ssh,reboot,read,test,winbox,password,web,!f\
tp,!write,!policy
add name="write" policy=local,telnet,ssh,reboot,read,write,test,winbox,password\
,web,!ftp,!policy
add name="full" policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbo\
x,password,web
/ user aaa
set use-radius=no accounting=yes interim-update=0s default-group=read
/ radius incoming
set accept=no port=1700
/ driver
/ snmp
set enabled=no contact="" location=""
/ snmp community
set public name="public" address=0.0.0.0/0 read-access=yes
/ routing ospf
set router-id=0.0.0.0 distribute-default=never redistribute-connected=no \
redistribute-static=no redistribute-rip=no redistribute-bgp=no \
metric-default=1 metric-connected=20 metric-static=20 metric-rip=20 \
metric-bgp=20
/ routing ospf area
set backbone area-id=0.0.0.0 type=default translator-role=translate-candidate \
authentication=none disabled=no
/ routing bgp instance
set default name="default" as=65530 router-id=0.0.0.0 \
redistribute-connected=no redistribute-static=no redistribute-rip=no \
redistribute-ospf=no redistribute-other-bgp=no out-filter="" \
client-to-client-reflection=yes ignore-as-path-len=no comment="" \
disabled=no
/ routing rip
set distribute-default=never redistribute-static=no redistribute-connected=no \
redistribute-ospf=no redistribute-bgp=no metric-default=1 metric-static=1 \
metric-connected=1 metric-ospf=1 metric-bgp=1 update-timer=30s \
timeout-timer=3m garbage-timer=2m
/ routing rip interface
add interface=all receive=v2 send=v2 authentication=none authentication-key="" \
key-chain="" in-filter="" out-filter="" disabled=no

setup like this, i cant even get an ip addy on laptop

that's 'cleaned'??

o-k then...

Try setting arp to proxy-arp on your bridges...

lol sorry about that, I guess I dont know what cleaned means. (take out un necessary parts I guess? lol)


No go with the arp proxy set, still cant get an ip from the dhcp server on rtr1

If i add wlan1 to ports in bridge, i get an ip addy from the dhcp server on the laptop. I then see the url goto my hotspot dns name but then just shows blank page no login page.

k, I figured it out. I was putting a name in DNS name entry in the hotspot wizard when it asked me to enter name of DNS. ( gezz, said the same thing twice lol)

I realised that the name I was using was not a name that I had registered as a domain name and obviously did not have a ip resolving to the name, especially the ip 10.5.50.1. SO, the moral of the story is, when u have a great person like GWISA taken time in giving you a step by step and he doesnt mention to do something, dont do it.! Thx a million GWISA .. Now if I could only get decent range with my XR2 radios.. Ifcourse im testing with crap antennas, 7.5 db omnis with rg-58 crap coax, getting MAYBE 400 ft. CRAP or is this expected with these antennas? I did quite abit of testing around with the TX settings etc and found out that the most power from the card with signal quality and signal to noise ratio, was to leave the darn setting on default.....

G-Turbo had some descent throughput with the bandwidth tester in winbox, 27 Mbps in full duplex @ -58db and 45 signal to noise ratio within 50 ft..! lol Connecting to the rtr with a client connection like a laptop, you have to put her back in b, b/g or G only and I was getting only a 6 Mbps connection @ 400 ft. I guess sectors at atleast 14db or a must.. What should I excpect with a sector at 14 db with my radio and atleast LMR - 200 running 20 ft ???

I realised that the name I was using was not a name that I had registered as a domain name and obviously did not have a ip resolving to the name, especially the ip 10.5.50.1. SO, the moral of the story is, when u have a great person like GWISA taken time in giving you a step by step and he doesnt mention to do something, dont do it.! Thx a million GWISA ..

Glad you figured it out - must say, I overlooked your DNS settings, but things should have worked OK if you put in a DNS address entry for your DNS name in the static DNS entry section (/ip dns static add address=10.5.50.1 name=www.xyz.com) ... many ways to skin a cat...