I have been trying to connect my HAP AC2 for wireless connections. It's a super simple setup for my home. The current setup below is working
FTTH/fiber box -> router (tplink)
When I switch my tplink to mikrotik HAP AC2. Connected as per below and it doesn't work.
FTTH/fiber box -> HAP AC2 (ether 1)
I'm using the quick set, selected Home dual AP. I selected "router" under internet with dynamic ip. I can see that it's able to get the IP from the ISP, but when I connect through the wireless, my computer says internet is not connected.
Now I've tried a different setup, and it works fine!
FTTH/fiber box -> router (tplink) -> HAP AC2
Below is some of the settings that I pulled up. Any help will be much appreciated. Thanks !
Code: Select all
[admin@MikroTik] > ping google.com
invalid value for argument address:
invalid value of mac-address, mac address required
invalid value for argument ipv6-address
while resolving ip-address: could not get answer from dns server
[admin@MikroTik] > interface list print
Flags: * - builtin, D - dynamic
# NAME INCLUDE EXCLUDE
0 * ;;; contains all interfaces
all
1 * ;;; contains no interfaces
none
2 * ;;; contains dynamic interfaces
dynamic
3 * ;;; contains static interfaces
static
4 ;;; defconf
WAN
5 ;;; defconf
LAN
[admin@MikroTik] > interface wireless security-profiles print
Flags: * - default
0 * name="default" mode=none authentication-types="" unicast-ciphers=aes-ccm group-ciphers=aes-ccm wpa-pre-shared-key="" wpa2-pre-shared-key="" supplicant-identity="MikroTik" eap-methods=passthrough
tls-mode=no-certificates tls-certificate=none mschapv2-username="" mschapv2-password="" disable-pmkid=no static-algo-0=none static-key-0="" static-algo-1=none static-key-1="" static-algo-2=none
static-key-2="" static-algo-3=none static-key-3="" static-transmit-key=key-0 static-sta-private-algo=none static-sta-private-key="" radius-mac-authentication=no radius-mac-accounting=no
radius-eap-accounting=no interim-update=0s radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username radius-called-format=mac:ssid radius-mac-caching=disabled group-key-update=5m
management-protection=disabled management-protection-key=""
[admin@MikroTik] > ip pool print
# NAME RANGES
0 dhcp 192.168.2.10-192.168.2.254
[admin@MikroTik] > ip dhcp-server print
Flags: D - dynamic, X - disabled, I - invalid
# NAME INTERFACE RELAY ADDRESS-POOL LEASE-TIME ADD-ARP
0 defconf bridge dhcp 10m
[admin@MikroTik] > interface bridge port print
Flags: X - disabled, I - inactive, D - dynamic, H - hw-offload
# INTERFACE BRIDGE HW PVID PRIORITY PATH-COST INTERNAL-PATH-COST HORIZON
0 I H ;;; defconf
ether2 bridge yes 1 0x80 10 10 none
1 I H ;;; defconf
ether3 bridge yes 1 0x80 10 10 none
2 I H ;;; defconf
ether4 bridge yes 1 0x80 10 10 none
3 I H ;;; defconf
ether5 bridge yes 1 0x80 10 10 none
4 ;;; defconf
wlan1 bridge 1 0x80 10 10 none
5 I ;;; defconf
wlan2 bridge 1 0x80 10 10 none
[admin@MikroTik] > ip neighbor discovery-settings print
discover-interface-list: LAN
lldp-med-net-policy-vlan: disabled
protocol: cdp,lldp,mndp
[admin@MikroTik] > interface list member print
Flags: X - disabled, D - dynamic
# LIST INTERFACE
0 ;;; defconf
LAN bridge
1 ;;; defconf
WAN ether1
[admin@MikroTik] > ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK INTERFACE
0 ;;; defconf
192.168.2.1/24 192.168.2.0 bridge
1 D 100.72.xx/17 100.72.xx ether1
[admin@MikroTik] > ip dhcp-client print
Flags: X - disabled, I - invalid, D - dynamic
# INTERFACE USE-PEER-DNS ADD-DEFAULT-ROUTE STATUS ADDRESS
0 ;;; defconf
ether1 yes yes renewing... 100.72.xx/17
[admin@MikroTik] > ip dhcp-server network print
Flags: D - dynamic
# ADDRESS GATEWAY DNS-SERVER WINS-SERVER DOMAIN
0 ;;; defconf
192.168.2.0/24 192.168.2.1
[admin@MikroTik] > ip dns print
servers:
dynamic-servers: 202.xx
use-doh-server:
verify-doh-cert: no
allow-remote-requests: yes
max-udp-packet-size: 4096
query-server-timeout: 2s
query-total-timeout: 10s
max-concurrent-queries: 100
max-concurrent-tcp-sessions: 20
cache-size: 2048KiB
cache-max-ttl: 1w
cache-used: 46KiB
[admin@MikroTik] > ip dns static print
Flags: D - dynamic, X - disabled
# NAME REGEXP TYPE ADDRESS TTL
0 ;;; defconf
router.lan 192.168.2.1 1d
[admin@MikroTik] > ip firewall filter print
Flags: X - disabled, I - invalid, D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=forward action=passthrough
1 ;;; defconf: accept established,related,untracked
chain=input action=accept connection-state=established,related,untracked
2 ;;; defconf: drop invalid
chain=input action=drop connection-state=invalid
3 ;;; defconf: accept ICMP
chain=input action=accept protocol=icmp
4 ;;; defconf: accept to local loopback (for CAPsMAN)
chain=input action=accept dst-address=127.0.0.1
5 ;;; defconf: drop all not coming from LAN
chain=input action=drop in-interface-list=!LAN
6 ;;; defconf: accept in ipsec policy
chain=forward action=accept ipsec-policy=in,ipsec
7 ;;; defconf: accept out ipsec policy
chain=forward action=accept ipsec-policy=out,ipsec
8 ;;; defconf: fasttrack
chain=forward action=fasttrack-connection connection-state=established,related
9 ;;; defconf: accept established,related, untracked
chain=forward action=accept connection-state=established,related,untracked
10 ;;; defconf: drop invalid
chain=forward action=drop connection-state=invalid
11 ;;; defconf: drop all from WAN not DSTNATed
chain=forward action=drop connection-state=new connection-nat-state=!dstnat in-interface-list=WAN
[admin@MikroTik] > ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; defconf: masquerade
chain=srcnat action=masquerade out-interface-list=WAN ipsec-policy=out,none
[admin@MikroTik] > tool mac-server print
allowed-interface-list: LAN
[admin@MikroTik] > tool mac-server mac-winbox print
allowed-interface-list: LAN