Good afternoon!
I have a Map2nd. I reset config with 'no default config' for a clean slate as I had no plans to use this as a firewall. My plans are to use this as a transparent bridge that will connect to my mobile hotspot and I can connect the ether ports to proprietary devices so they can reach update servers. This works as expected on ether2. I can winbox the device and get internet access + DHCP from my mobile hotspot when I connect a cable to ether2. When I conenct a cable to ether1, I get nothing. No winbox, no DHCP, no internet. From my limited knowledge, I have everything configured accordingly.... Below is my RSC. Can anybody point me in the right direction here?
# 2023-09-11 23:01:47 by RouterOS 7.11.2
# software id = 0U37-IDH4
#
# model = RBmAP2nD
# serial number = <removed>
/interface bridge
add admin-mac=DC:2C:6E:3F:1F:66 auto-mac=no comment=defconf fast-forward=no \
name=bridge0
/interface pwr-line
set [ find default-name=pwr-line1 ] disabled=yes
/interface list
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk mode=dynamic-keys name=Tyler \
supplicant-identity="" wpa2-pre-shared-key=SuperSecretPassword123
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \
country="united states" disabled=no frequency=auto mode=\
station-pseudobridge security-profile=Tyler ssid=Tyler
/interface bridge port
add bridge=bridge0 comment=defconf ingress-filtering=no interface=ether1
add bridge=bridge0 comment=defconf ingress-filtering=no interface=ether2
add bridge=bridge0 comment=defconf ingress-filtering=no interface=wlan1
/ip neighbor discovery-settings
set discover-interface-list=all
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface list member
add comment=defconf interface=bridge0 list=LAN
/ip dhcp-client
add comment="bridge0 DHCP" interface=bridge0
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/routing bfd configuration
add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5
add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5
add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5
add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5
/system clock
set time-zone-name=America/New_York
/system identity
set name=Tyler_MAP
Re: MAP2nd No winbox or access on ether1
There is the complete config? I can't see rules, addresses, etc.
Regards.
Regards.
Re: MAP2nd No winbox or access on ether1
I do not see anything wrong at first sight.
If you connect device to ether 1 and then power-cycle mAP, does it work then ?
If your hotspot device is not Mikrotik, you may encounter one of the quirks of station-pseudobridge mode.
It might be better to use station mode, remove wireless from bridge, add wireless to WAN, add DHCP-server/pool to bridge, add masquerade rule for WAN.
Then clients connecting to ether1/2 get an IP from mAP itself and can connect to internet in a normal way.
If you connect device to ether 1 and then power-cycle mAP, does it work then ?
If your hotspot device is not Mikrotik, you may encounter one of the quirks of station-pseudobridge mode.
It might be better to use station mode, remove wireless from bridge, add wireless to WAN, add DHCP-server/pool to bridge, add masquerade rule for WAN.
Then clients connecting to ether1/2 get an IP from mAP itself and can connect to internet in a normal way.
-
-
piercetyler37
just joined
- Posts: 5
- Joined:
Re: MAP2nd No winbox or access on ether1
This is the full config.
There are no rules or addresses.
There are no firewall rules, this is wide open.
The implementation is for this to work as a more or less transparent bridge. The MAP will connect to my mobile hotspot. ether1, ether2, wlan1 are all in bridge0. When I connect a device to ehter2, it gets DHCP from my hotspot as expected. When I connect a device to ether1, the same should happen but instead, nothing happens.
I have a similar configuration on some other mikrotik devices, just looking for something more compact as I travel across the US.
I do have DHCP on bridge0 in the below section. When I connect MAP to my hotspot, bridge0 does receive DHCP. Whether I have bridge0 receive dhcp or not, the result is the same unfortunately.
There are no rules or addresses.
There are no firewall rules, this is wide open.
The implementation is for this to work as a more or less transparent bridge. The MAP will connect to my mobile hotspot. ether1, ether2, wlan1 are all in bridge0. When I connect a device to ehter2, it gets DHCP from my hotspot as expected. When I connect a device to ether1, the same should happen but instead, nothing happens.
I have a similar configuration on some other mikrotik devices, just looking for something more compact as I travel across the US.
I do have DHCP on bridge0 in the below section. When I connect MAP to my hotspot, bridge0 does receive DHCP. Whether I have bridge0 receive dhcp or not, the result is the same unfortunately.
Code: Select all
/ip dhcp-client
add comment="bridge0 DHCP" interface=bridge0
Last edited by piercetyler37 on Tue Sep 12, 2023 7:57 am, edited 1 time in total.
Re: MAP2nd No winbox or access on ether1
Please see my previous post.
Made some edits w.r.t. pseudo-bridge mode.
Made some edits w.r.t. pseudo-bridge mode.
-
-
piercetyler37
just joined
- Posts: 5
- Joined:
Re: MAP2nd No winbox or access on ether1
I'm going to try this out, but this shouldn't have any effect on the winbox connection on ether1. When I connect my laptop to ether1, I get no DHCP. If I set a static IP respective to what my hotspot hands out, no dice. Static or DHCP, I cannot see/connect to MAP from winbox.Please see my previous post.
Made some edits w.r.t. pseudo-bridge mode.
Part of the reason I am using it in this specific way where the MAP hands out no DHCP: Some of the work I do is at hotels where I receive no/low cell signal. Some devices I need to update are not capable of authenticating through hotel captive portal. I have done some MAC spoofing in the past but ultimately it has just been too time consuming. With this exact solution on my bulkier devices: I connect my laptop to the Mikrotik device and connect it to hotel wifi. When I auth through captive portal, the Mikrotik MAC is actually whitelisted rather than my laptop, leaving every device connected to Mikrotik full access to internet with no need to auth.
Re: MAP2nd No winbox or access on ether1
Remove the bridge and create it again.
Regards.
Regards.
-
-
piercetyler37
just joined
- Posts: 5
- Joined:
Re: MAP2nd No winbox or access on ether1
I wish I could say I haven't done this... I've actually done it a few times with same result.Remove the bridge and create it again.
Regards.
Some weird behavior I have seen is that if I move my cable from ether2 to ehter1, ether2 link light turns off and ether1 link light turns on. When I move my cable from ether1 back to ether2 or leave it disconnected, the ether1 link light will stay on until I disable/enable the port or reboot the MAP. I don't know if there is something wrong with this MAP or what. I have reset it and issue persists. I can't netinstall currently as I can't do that from my work PC.
Also per holvoetn's request, I made MAP a router. I am seeing same result. I get no DHCP from ether1, cannot see MAP from ether1. I may replace this MAP or just outright return it. Below is the config for the above-mentioned changes....
Code: Select all
# 2023-09-12 02:08:40 by RouterOS 7.11.2
# software id = 0U37-IDH4
#
# model = RBmAP2nD
# serial number = <removed>
/interface bridge
add admin-mac=DC:2C:6E:3F:1F:66 auto-mac=no comment=defconf name=bridge0 \
protocol-mode=none
add name=bridge1
/interface pwr-line
set [ find default-name=pwr-line1 ] disabled=yes
/interface list
add comment=defconf name=LAN
add comment=defconf name=WAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk mode=dynamic-keys name=Tyler \
supplicant-identity=""
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \
country="united states" disabled=no frequency=auto security-profile=Tyler \
ssid=Tyler
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip pool
add name=172.18.19.2-5 ranges=172.18.19.2,172.18.19.3,172.18.19.4,172.18.19.5
/ip dhcp-server
add address-pool=172.18.19.2-5 interface=bridge0 name=br0_dhcp \
server-address=172.18.19.1
/interface bridge port
add bridge=bridge0 ingress-filtering=no interface=ether2
add bridge=bridge0 interface=ether1
/ip neighbor discovery-settings
set discover-interface-list=all
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface list member
add interface=bridge0 list=LAN
add interface=wlan1 list=WAN
/ip address
add address=172.18.19.1/24 interface=bridge0 network=172.18.19.0
/ip dhcp-client
add comment="bridge0 DHCP" disabled=yes interface=bridge0
add interface=wlan1
/ip dhcp-server network
add address=172.18.19.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=172.18.19.1 \
netmask=24
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip firewall filter
add action=accept chain=input
add action=accept chain=forward
/ip firewall nat
add action=masquerade chain=srcnat src-address=172.18.19.0/24 to-addresses=\
172.18.19.1
/routing bfd configuration
add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5
add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5
add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5
add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5
add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5
add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5
add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5
add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5
/system clock
set time-zone-name=America/New_York
/system identity
set name=Tyler_MAP
/system leds
set 2 disabled=yes type=on
add interface=bridge0 leds=user-led type=interface-activity
/system note
set show-at-login=no
Last edited by holvoetn on Tue Sep 12, 2023 9:15 am, edited 1 time in total.
Reason: removed serial
Reason: removed serial
Re: MAP2nd No winbox or access on ether1
mAP I have here in front of me does play nice with lights/ports/cables so we may not rule out the fact there is a possible defect...
If you connect something on ether1 and connect your PC to ether2/wireless, what does it say as status for ether1 interface if you check winbox/CLI ?
If you connect something on ether1 and connect your PC to ether2/wireless, what does it say as status for ether1 interface if you check winbox/CLI ?
-
-
piercetyler37
just joined
- Posts: 5
- Joined:
Re: MAP2nd No winbox or access on ether1
When I disconnect the cable from ether1 and the light gets stuck on, I can connect to ether2 and get back in via winbox. It still shows activity on the ether1 interface (no cable is connected to ehter1) and the MAP has performance issues where it will not pass traffic or will sporadically drop packets for no reason until I reboot of disable/enable ether1. Once I reboot or disable/enable ether1, the issue goes away.mAP I have here in front of me does play nice with lights/ports/cables so we may not rule out the fact there is a possible defect...
If you connect something on ether1 and connect your PC to ether2/wireless, what does it say as status for ether1 interface if you check winbox/CLI ?
Unfortunately I'm in a hotel and don't have another ethernet device I can plug into ether1 while I'm hooked to ether2.
Out of curiosity, what version are you running on your MAP? I'm running the 7.11.2
Re: MAP2nd No winbox or access on ether1
<Damn ... put it back into the box too fast, unbox again ...>
It was at 7.11beta5 (it's one of my first Mikrotik devices, I keep it for testing purposes)
Did upgrade to 7.11.2 stable, same result. Ports/leds play nice when moving cables.
It was at 7.11beta5 (it's one of my first Mikrotik devices, I keep it for testing purposes)
Did upgrade to 7.11.2 stable, same result. Ports/leds play nice when moving cables.
-
-
piercetyler37
just joined
- Posts: 5
- Joined:
Re: MAP2nd No winbox or access on ether1
lol, thanks for this info! Tomorrow, I'll capture some video of this for reference purposes and will have an additional device I can connect to ether1. I did open a jira with Mikrotik support asking if there are logs I can provide to see if it is a bug or HW issue, however I'm leaning more towards a HW issue.<Damn ... put it back into the box too fast, unbox again ...>
It was at 7.11beta5 (it's one of my first Mikrotik devices, I keep it for testing purposes)
Did upgrade to 7.11.2 stable, same result. Ports/leds play nice when moving cables.
Re: MAP2nd No winbox or access on ether1
Could be that this won't apply to your problem, but: there have been cases where devices, despite having correct configuration displayed, were misbehaving in some weird random ways. Most of times full factory reset cured the problem ... and even export/import of config was just fine. Using binary backup (backup/restore) was not fine though, it does seem that sometimes there's some hidden configuration which gets in to backup file.
Re: MAP2nd No winbox or access on ether1
I forgot about that one, indeed (only experienced it once myself, I think somewhere late 2021 if my memory serves me well).
But since OP doesn't have access to netinstall for now, we may have to wait.
It is indeed an additional step to be taken to rule out SW issues and to conclude it is HW-related.
Good suggestion !
But since OP doesn't have access to netinstall for now, we may have to wait.
It is indeed an additional step to be taken to rule out SW issues and to conclude it is HW-related.
Good suggestion !
Re: MAP2nd No winbox or access on ether1
If resting to defaults the problem persists and if holvoetn discarted possibly ROS issue, the only way may be a hardware issue. RMA or buy a new one.
Regards.
Regards.