Community discussions

MikroTik App
 
pehac
just joined
Topic Author
Posts: 1
Joined: Thu May 19, 2022 8:07 pm

Basic Wifi setup

Thu May 19, 2022 8:23 pm

Hi everyone

new to Mikrotik world and struggling to set up wifi with internet. I'm using Cap AC as router with following setting:

Poe in = cable internet + power
Poe out = connected to laptop just for the sake of testing
Router setting: home AP Dual (followed all basic setting), config file below

Problem:
1) I'm able to connect my laptop to wifi but no internet is availabe (if I connect thru cable its ok)
2) I'm not able to connect my phone to wifi with error message "couldnt get IP address"

config:

# may/19/2022 19:01:28 by RouterOS 6.48.4
# software id = C8EJ-R4T2
#
# model = RouterBOARD cAP Gi-5acD2nD
# serial number = 9AA90960D379
/interface bridge
add admin-mac=B8:69:F4:51:46:4D auto-mac=no comment=defconf name=bridgeLocal
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n country="czech republic" \
disabled=no frequency=auto mode=ap-bridge ssid=Becky&Magal_2G \
wireless-protocol=802.11
set [ find default-name=wlan2 ] band=5ghz-a/n/ac country="czech republic" \
disabled=no frequency=auto mode=ap-bridge ssid=Becky&Magal_5G \
wireless-protocol=802.11
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" \
mode=dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=\
*************** wpa2-pre-shared-key=***************
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip pool
add name=dhcp ranges=192.168.88.3-192.168.88.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridgeLocal name=dhcp1
/interface bridge port
add bridge=bridgeLocal comment=defconf disabled=yes interface=ether1
add bridge=bridgeLocal comment=defconf interface=ether2
/interface list member
add interface=ether1 list=WAN
add interface=bridgeLocal list=LAN
/interface wireless cap
set bridge=bridgeLocal discovery-interfaces=bridgeLocal interfaces=\
wlan1,wlan2
/ip address
add address=192.168.88.1/24 interface=bridgeLocal network=192.168.88.0
/ip dhcp-client
add comment=defconf disabled=no interface=bridgeLocal
add disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.88.0/24 gateway=192.168.88.1 netmask=24
/ip firewall filter
add action=accept chain=input protocol=icmp
add action=accept chain=input connection-state=established
add action=accept chain=input connection-state=related
add action=drop chain=input in-interface-list=!LAN
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
/system clock
set time-zone-name=Europe/Prague

Any help would be appreciated

Thanks

pehac
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Basic Wifi setup

Fri May 20, 2022 5:53 pm

(1) If this is a public facing Router, then you need better firewall rules......... (aka you get at public IP address).
/ip firewall filter
{Input Chain}
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input in-interface-list=LAN
add action=drop chain=input comment="drop all else" 
{forward chain}
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=forward comment="allow internet traffic" in-interface-list=LAN out-interface-list=WAN
add action=accept chain=forward comment="allow port forwarding" connection-nat-state=dstnat
add action=drop chain=forward
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" out-interface-list=WAN

(2) Remove bridge from /IP DHCP CLIENT! It has nothing to do with your ISP, as you correctly note in your interface list members!
/ip dhcp-client
add comment=defconf disabled=no interface=bridgeLocal
add disabled=no interface=ether1

(3) To get things working, you are almost there delete this line............. not required!!!
/interface wireless cap
set bridge=bridgeLocal discovery-interfaces=bridgeLocal interfaces=\
wlan1,wlan2


and MODIFY THIS LINE /interface bridge port..................
/interface bridge port
add bridge=bridgeLocal interface=wlan1
add bridge=bridgeLocal interface=wlan2
add bridge=bridgeLocal interface=ether2
++++++++++++++++++++++++++++++++++++++++++++++++
Finally food for thought, I prefer if possible to config or at least have the possiblity to config the capac from ether2 What I Call OFF BRIDGE.
This assumes the capac is accessible (low ceiling, side of wall) where you can hookup an ethernet cable to your laptop and ether2, OR if you had forethought when installing the capac to run an ethernet cable from ether2 to an accessible location......to do the same hookup.

viewtopic.php?t=181718

Who is online

Users browsing this forum: 4l4R1, Bing [Bot], Google [Bot], holvoetn and 23 guests