I am somewhat familiar with networking, just a notch above newbie.
My home setup uses RB3011 UiAS-RM and was running fine till yesterday. I was doing some code development at home that need one machine to talk to the other. That suddenly stopped working.
Steps taken since then :
1. Did ether boot reset (around 6 or 7 times) (couple of attempts were caused by my ignorance that ver 7.2 does not install on RB3011)
2. Have now successfully installed 6.49.6.
3. The configuration is simple - get DHCP client WAN from Verizon (local supplier), and configure a simple bridge.
4. The /export output is here :
Code: Select all
# apr/22/2022 11:15:04 by RouterOS 6.49.6
# software id = AGEK-8YNP
#
# model = RB3011UiAS
# serial number = E7EA0E3205F9
/interface bridge
add name=home-bridge
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.16.2-192.168.16.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=home-bridge lease-time=30m name=\
dhcp1
/interface bridge port
add bridge=home-bridge interface=ether2
add bridge=home-bridge interface=ether3
add bridge=home-bridge interface=ether4
add bridge=home-bridge interface=ether5
add bridge=home-bridge interface=ether6
add bridge=home-bridge interface=ether7
add bridge=home-bridge interface=ether8
add bridge=home-bridge interface=ether9
add bridge=home-bridge interface=ether10
/interface list member
add interface=ether1 list=WAN
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=ether5 list=LAN
add interface=ether6 list=LAN
add interface=ether7 list=LAN
add interface=ether8 list=LAN
add interface=ether9 list=LAN
add interface=ether10 list=LAN
add interface=home-bridge list=LAN
add interface=sfp1 list=LAN
/ip address
add address=192.168.16.1/24 interface=home-bridge network=192.168.16.0
/ip dhcp-client
add disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.16.0/24 dns-server=192.168.16.1 gateway=192.168.16.1
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip dns static
add address=192.168.16.1 name=home-lan
add address=8.8.8.8 name=google
/ip firewall address-list
add address=192.168.16.2-192.168.16.254 list=within-home
add address=0.0.0.0/8 list=not-internet
add address=172.16.0.0/12 list=not-internet
add address=192.168.0.0/16 list=not-internet
add address=10.0.0.0/8 list=not-internet
add address=169.254.0.0/16 list=not-internet
add address=127.0.0.0/8 list=not-internet
add address=224.0.0.0/4 list=not-internet
/ip firewall filter
add action=accept chain=input connection-state=established,related,untracked
add action=accept chain=forward connection-state=established,related,untracked
add action=drop chain=input connection-state=invalid
add action=drop chain=forward connection-state=invalid
add action=accept chain=input protocol=icmp
add action=accept chain=input connection-state=new dst-port=53 \
in-interface-list=LAN protocol=tcp
add action=accept chain=input connection-state=new dst-port=53 \
in-interface-list=LAN protocol=udp
add action=drop chain=input in-interface-list=!LAN log=yes log-prefix=!LAN
add action=accept chain=forward ipsec-policy=in,ipsec
add action=accept chain=forward ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward connection-state=\
established,related,untracked
add action=drop chain=forward connection-nat-state=!dstnat connection-state=new \
in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip ssh
set forwarding-enabled=remote strong-crypto=yes
/lcd
set default-screen=stats-all
/system clock
set time-zone-name=America/New_York
[admin@MikroTik] > export hide-sensitive > /doc.txt
expected end of command (line 1 column 23)
[admin@MikroTik] >
I have attached the firewall traffinc data as an image to this request. It shows no failures about DNS. When I try ping www.google.com on a standard windows powershell, the system complains of DNS failure.
The traffic on NAT interface shows 0 B.
Any guidance is welcome.
Thanks