Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

Can't access the Internet over LAN, but over WiFi it works

Post Reply
 
xelu
just joined
Topic Author
Posts: 4
Joined: Wed Aug 24, 2022 9:16 am

Can't access the Internet over LAN, but over WiFi it works

Wed Aug 24, 2022 10:59 am

Hi there,

Yesterday I got my first own MikroTik device - comparing it to previously used tplink, etc - it's the most powerful I've even known :)

Let me go to the point.
My topology looks like (it's only a draft, needed for explanation issue I'm facing with):
dg_home_lan1.jpg
The problem is with the devices directly connected to the Asus RT-AX55 over the LAN, especially my laptop. All devices connected via WiFi with AP are working as expected.
Except the laptop, I have the RPi connected on LAN port also (it has an access to the Internet, but can't ping my laptop on LAN IP address or WiFi either).

Yesterday, I spent a lot of hours looking for similar situation to mine, but no luck. Of course, found some of them, but the topology was different.

What I also noticed - when I'm changing a port in the Asus AP to another one it starts working, but for a while only - after 5 seconds or less, it stops.
Yesterday, by end of the day I swapped places the cables between RPI and my laptop and it worked much longer than above. Happy, I went to sleep and today is the same.

I don't have any ideas how to fix it, but I hope you have.

Here's my configuration:
Code: Select all
# aug/24/2022 09:33:11 by RouterOS 6.49.6
# software id = YS6H-D8AK
#
# model = RB750Gr3
# serial number = 
/interface bridge
add mtu=1500 name=br_lan protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] comment=WAN
set [ find default-name=ether2 ] comment="Living Room LAN"
set [ find default-name=ether3 ] comment="Office LAN"
set [ find default-name=ether4 ] comment="Bedroom LAN"
set [ find default-name=ether5 ] disabled=yes
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=pool_lan ranges=192.168.55.100-192.168.55.254
/ip dhcp-server
add add-arp=yes address-pool=pool_lan disabled=no interface=br_lan \
    lease-time=6h name=server_lan
/interface bridge port
add bridge=br_lan interface=ether2
add bridge=br_lan interface=ether3
add bridge=br_lan interface=ether4
add bridge=br_lan interface=ether5
/ip neighbor discovery-settings
set discover-interface-list=none protocol=lldp,mndp
/ip address
add address=192.168.55.1/24 interface=br_lan network=192.168.55.0
/ip dhcp-client
add disabled=no interface=ether1 use-peer-dns=no use-peer-ntp=no
/ip dhcp-server lease
add address=192.168.55.33 client-id=tuya_office_lights mac-address=\
    68:57:2D:B6:B5:F5 server=server_lan
add address=192.168.55.28 client-id=tuya_kitchen_fans mac-address=\
    68:57:2D:B6:BC:48 server=server_lan
add address=192.168.55.101 client-id=xiaomi_air_purifier mac-address=\
    50:EC:50:7A:70:8E server=server_lan
add address=192.168.55.32 client-id=tuya_kitchen_2_lights mac-address=\
    68:57:2D:B6:B1:21 server=server_lan
add address=192.168.55.27 client-id=tuya_kitchen_ceiling_lights mac-address=\
    68:57:2D:B6:BA:0B server=server_lan
add address=192.168.55.29 client-id=tuya_living_room_lights mac-address=\
    68:57:2D:B6:C6:C6 server=server_lan
add address=192.168.55.31 client-id=tuya_kitchen_1_lights mac-address=\
    68:57:2D:B6:D3:F9 server=server_lan
add address=192.168.55.30 client-id=tuya_entrance_lights mac-address=\
    68:57:2D:B6:CC:A4 server=server_lan
add address=192.168.55.102 client-id=xiaomi_yeelight_color mac-address=\
    28:6C:07:F1:1C:CC server=server_lan
add address=192.168.55.26 client-id=xiaomi_gateway_living_room mac-address=\
    28:6C:07:F1:08:03 server=server_lan
add address=192.168.55.25 client-id=xiaomi_gateway_hall mac-address=\
    04:CF:8C:8F:86:70 server=server_lan
add address=192.168.55.4 client-id=1:dc:a6:32:ac:a5:a2 mac-address=\
    DC:A6:32:AC:A5:A2 server=server_lan
add address=192.168.55.11 client-id=1:f8:d:ac:d5:81:67 mac-address=\
    F8:0D:AC:D5:81:67 server=server_lan
add address=192.168.55.9 client-id=1:4:cf:8c:f9:d6:36 mac-address=\
    04:CF:8C:F9:D6:36 server=server_lan
add address=192.168.55.5 client-id=1:48:1:c5:c:97:8e mac-address=\
    48:01:C5:0C:97:8E server=server_lan
add address=192.168.55.7 client-id=1:8:38:e6:30:ca:73 mac-address=\
    08:38:E6:30:CA:73 server=server_lan
add address=192.168.55.104 client-id=1:5c:e5:c:59:fe:c mac-address=\
    5C:E5:0C:59:FE:0C server=server_lan
add address=192.168.55.12 client-id=1:84:a9:38:f5:3f:39 mac-address=\
    84:A9:38:F5:3F:39 server=server_lan
add address=192.168.55.13 client-id=1:44:e5:17:4:b9:b0 mac-address=\
    44:E5:17:04:B9:B0 server=server_lan
add address=192.168.55.6 client-id=1:48:1:c5:62:3d:71 mac-address=\
    48:01:C5:62:3D:71 server=server_lan
add address=192.168.55.8 client-id=1:10:4f:a8:68:5c:5f mac-address=\
    10:4F:A8:68:5C:5F server=server_lan
add address=192.168.55.10 client-id=1:c0:84:7d:41:2c:b8 mac-address=\
    C0:84:7D:41:2C:B8 server=server_lan
/ip dhcp-server network
add address=192.168.55.0/24 dns-server=192.168.55.1 gateway=192.168.55.1 \
    netmask=24
/ip dns
set allow-remote-requests=yes max-concurrent-tcp-sessions=30 servers=8.8.8.8
/ip firewall filter
add action=accept chain=forward connection-state=established,related
add action=accept chain=forward in-interface=br_lan out-interface=ether1 \
    src-address=192.168.55.0/24
add action=accept chain=forward connection-nat-state=dstnat
add action=drop chain=forward
add action=accept chain=output
add action=accept chain=input connection-state=established,related
add action=accept chain=input icmp-options=8:0 protocol=icmp
add action=accept chain=input icmp-options=3:4 protocol=icmp
add action=accept chain=input connection-state=new dst-address=192.168.55.1 \
    dst-port=53 in-interface=br_lan protocol=udp src-address=192.168.55.0/24
add action=accept chain=input connection-state=new dst-address=192.168.55.1 \
    dst-port=8291 in-interface=br_lan protocol=tcp src-address=\
    192.168.55.0/24
add action=drop chain=input
add action=fasttrack-connection chain=forward connection-state=\
    established,related
add action=accept chain=forward connection-state=established,related
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1 src-address=\
    192.168.55.0/24
/ip route rule
add action=lookup-only-in-table disabled=yes dst-address=192.168.55.0/24 \
    table=main
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set winbox address=192.168.55.0/24
set api-ssl disabled=yes
/system clock
set time-zone-name=Europe/Warsaw
/system identity
set name=RouterOS
/tool mac-server
set allowed-interface-list=none
/tool mac-server mac-winbox
set allowed-interface-list=none
/tool mac-server ping
set enabled=no
You do not have the required permissions to view the files attached to this post.
Top
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 2879
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: Can't access the Internet over LAN, but over WiFi it works

Wed Aug 24, 2022 12:16 pm

So the problm is with ASUS. Connect RPi & Laptop to mikrotik and check if they work. If yes then eliminate problem in ASUS. Reset it, upgrade ... set to bridge mode if it is possible.
Top
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11591
Joined: Thu Mar 03, 2016 10:23 pm

Re: Can't access the Internet over LAN, but over WiFi it works

Wed Aug 24, 2022 12:24 pm

Configuration of most consumer gadgets is not as flexible as configuration of ROS devices. Some features are hard-coded and can not be changed (at least not easily). For example: on most router/AP combos, ether1 is hard wired as WAN interface and that can not be changed. If such device is used as simple AP, then ether1 can not be used (it's best to tape it off not to try to use such port incidentally).

So, as @BartoszP wrote: check configuration on Asus, focusing on possibility to configure ether1 as LAN port. If this option is not presented very clearly, then assume it can't be done.
Top
 
xelu
just joined
Topic Author
Posts: 4
Joined: Wed Aug 24, 2022 9:16 am

Re: Can't access the Internet over LAN, but over WiFi it works

Wed Aug 24, 2022 2:08 pm

Sorry, I didn't mentioned that before - that ASUS device has 1 WAN port (it remains unplugged) + 4 LAN ports.
I've upgraded the firmware on it to the newest version, but it still doesn't resolve my issue.

I can't understand why connection to the Internet is cut off after a few seconds (Windows is pointing that the cable is plugged and I have Internet access).
It's repeatable - if I put the cable in eth1, it works for 2-3 seconds (ping, www, etc.) and cuts the net off, then I take it out and put it in eth2 it works for next 2-3 seconds and stops..

@BartoszP: I tried to connect laptop directly with mikrotik and it works, but I need that AP to connect the other wireless devices.
Top
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11591
Joined: Thu Mar 03, 2016 10:23 pm

Re: Can't access the Internet over LAN, but over WiFi it works

Wed Aug 24, 2022 3:37 pm

Then check windows on laptop ... windows have a not-so-well-known feature called "Event Viewer" (not entirely unlike system logs under linux), you can open it by following procedure:
Code: Select all
right-click on start icon -> Event Viewer

Then open "Windows Logs" and browse through different topics to see if there are any critical events that might explain loss of networking. Or if there are warning events in absence of critical events.

Also make sure your laptop isn't connected to LAN via both wired and wireless connections at the same time. In theory it should be fine, but as we all know, in theory, theory and practice are the same, in practice they're not.
Top
 
xelu
just joined
Topic Author
Posts: 4
Joined: Wed Aug 24, 2022 9:16 am

Re: Can't access the Internet over LAN, but over WiFi it works

Wed Aug 24, 2022 5:08 pm

Hi mkx,

That was a good idea to check event viewer. I see there a lot of warning from 'DNS Client Event' source.
I've cleared log to see when exactly they appear and they seem to be added right after when connection is lost (to be more precise - connection persists still established, but can't ping or access anything, Internet also doesn't work). All of that is happening on my work laptop.

I checked the same on my private one and there eveything works fine. So it's problably related to some security software, I noticed that I have installed the Heimdal Thor Agent by my company organisation. Yesterday I made a research about it and found some infos that Heimdal is dynamically replacing DNS server in my LAN card network setting to 127.7.7.8 or .9 - maybe it is a root of cause.

Probably you won't be able to help me anymore, because it's not related to the MikroTik configuration no more.
Unless one of you had a similar problem using that stuff.

--update:
I've changed in configuration of my work laptop LAN card (I225-LM chipset) the 'Speed & Duplex' from 'Auto Negotiation' to '100 Mbps Full Duplex' and it did a trick, the Internet works all the time, like there wasn't any issue. Worth to add, I'm still trying to get it works through the ASUS device. It is my office room configuration. But why it doesn't work on 1 Gbps??

--update2:
Checked behavior on my private laptop where I have a 1 Gbps LAN network card and it works on 1 Gbps on the same cable.

--update3:
I'm 95% sure that the ASUS device hasn't supported yet my work laptop network card (2.5 Gbps Controller, I225-LM chipset), that's why it doesn't work with 1 Gbps.
Top
 
xelu
just joined
Topic Author
Posts: 4
Joined: Wed Aug 24, 2022 9:16 am

Re: Can't access the Internet over LAN, but over WiFi it works

Wed Aug 24, 2022 9:57 pm

Issue solved. I've just downgraded the drivers version to 26.4 (https://www.intel.com/content/www/us/en ... ws-10.html) for I225 chipset and it started working with 1 Gbps.

Thanks for your patient and your tips.
Top
Post Reply

Who is online

Users browsing this forum: Amazon [Bot], flapviv and 46 guests
  4. RouterOS
  5. Beginner Basics