I have a wAP station that I have been trying to set up without success.
I have been using WebFig but at some point I got the device in a bad state and needed to log using WinBox and the MAC. Then, I reset the device to its default config, after which point I can log in using WebFig and WinBox using the IP but *not* with WinBox and the MAC? Nothing in my configuration changed that I know of to explain this.
I moved on anyway, and I want to set up the wAP as a wireless station for an existing WiFi router. I assume the existing router does not also have to be a Mikrotik product for this to work, is that correct? I would like the 2.4GHz to bridge with the existing router, and then provide internet either through the 5GHz band or (more likely) through the Mikrotik eth port. I have set up the existing router to be on the .88 subnet so it should have no problems talking to the Mikrotik in its default state.
My approach has been:
Set up a security profile to contain the WPA password of my existing router
Go to 2.4GHz interface (wlan1), turn off the bridge port as described. https://wiki.mikrotik.com/wiki/Connect_ ... ss_Network
Then, enable DHCP client for wlan1, with "Add default route" checked.
Then, set up the wireless interface as station mode, setting the SSID to be that of the existing router, and set the security profile to be the one I set up earlier.
This has not worked; I have very little to no introspection into what's going wrong, but wlan1 never even gets into a running state. Advice appreciated.
Re: MikroTik wAP ac station configuration
/export hide-sensitive file=anynameyou wish.
Were you expecting the main router to provide DHCP for the access point clients?
Were you expecting the main router to provide DHCP for the access point clients?
Re: MikroTik wAP ac station configuration
Yes, this was the idea.Were you expecting the main router to provide DHCP for the access point clients?
Here's the output of the command, thanks for the help.
Code: Select all
# jan/02/1970 00:07:59 by RouterOS 6.42.12
# software id = 5QXS-9AUI
#
# model = RBwAPG-5HacT2HnD
# serial number = BED90A20E1AE
/interface bridge
add comment=defconf name=bridge
/interface wireless
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=\
20/40/80mhz-Ceee disabled=no distance=indoors frequency=auto mode=\
ap-bridge ssid=MikroTik-F4B8D4 wireless-protocol=802.11
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa-psk,wpa2-psk management-protection=allowed mode=\
dynamic-keys name=home supplicant-identity=MikroTik
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n disabled=no distance=indoors \
frequency=2417 security-profile=home ssid=pro-wifi wireless-protocol=\
802.11
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=default-dhcp interface=bridge name=defconf
/interface bridge port
add bridge=bridge comment=defconf disabled=yes interface=wlan1
add bridge=bridge comment=defconf interface=wlan2
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
192.168.88.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
ether1
add disabled=no interface=wlan1
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 name=router.lan
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN-
-
dgonzalezh
Trainer
- Posts: 40
- Joined:
- Location: Colombia
- Contact:
Re: MikroTik wAP ac station configuration
Hey there prosteen,
I´d suggest your start from scratch on a clean device, if you can access the router via IP or MAC Winbox go to System > Reset Configuration and check "no default" configuration.
After reset, go to wireless and click on "Setup repeater", on the pop up window input your main AP's name and passphrase, it will setup a basic repeater that you can later customize. This way you'll provide a transparent bridge from your main AP to wAP's connecting clients. If you need IP management of the wAP just add a DHCP Client to the bridge that "SetupRepeater" created.
Hope this helps.
I´d suggest your start from scratch on a clean device, if you can access the router via IP or MAC Winbox go to System > Reset Configuration and check "no default" configuration.
After reset, go to wireless and click on "Setup repeater", on the pop up window input your main AP's name and passphrase, it will setup a basic repeater that you can later customize. This way you'll provide a transparent bridge from your main AP to wAP's connecting clients. If you need IP management of the wAP just add a DHCP Client to the bridge that "SetupRepeater" created.
Hope this helps.
Yes, this was the idea.Were you expecting the main router to provide DHCP for the access point clients?
Here's the output of the command, thanks for the help.
Code: Select all# jan/02/1970 00:07:59 by RouterOS 6.42.12 # software id = 5QXS-9AUI # # model = RBwAPG-5HacT2HnD # serial number = BED90A20E1AE /interface bridge add comment=defconf name=bridge /interface wireless set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=\ 20/40/80mhz-Ceee disabled=no distance=indoors frequency=auto mode=\ ap-bridge ssid=MikroTik-F4B8D4 wireless-protocol=802.11 /interface list add comment=defconf name=WAN add comment=defconf name=LAN /interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik add authentication-types=wpa-psk,wpa2-psk management-protection=allowed mode=\ dynamic-keys name=home supplicant-identity=MikroTik /interface wireless set [ find default-name=wlan1 ] band=2ghz-b/g/n disabled=no distance=indoors \ frequency=2417 security-profile=home ssid=pro-wifi wireless-protocol=\ 802.11 /ip pool add name=default-dhcp ranges=192.168.88.10-192.168.88.254 /ip dhcp-server add address-pool=default-dhcp interface=bridge name=defconf /interface bridge port add bridge=bridge comment=defconf disabled=yes interface=wlan1 add bridge=bridge comment=defconf interface=wlan2 /ip neighbor discovery-settings set discover-interface-list=LAN /interface list member add comment=defconf interface=bridge list=LAN add comment=defconf interface=ether1 list=WAN /ip address add address=192.168.88.1/24 comment=defconf interface=bridge network=\ 192.168.88.0 /ip dhcp-client add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\ ether1 add disabled=no interface=wlan1 /ip dhcp-server network add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1 /ip dns set allow-remote-requests=yes /ip dns static add address=192.168.88.1 name=router.lan /ip firewall filter add action=accept chain=input comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untracked add action=drop chain=input comment="defconf: drop invalid" connection-state=\ invalid add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp add action=drop chain=input comment="defconf: drop all not coming from LAN" \ in-interface-list=!LAN add action=accept chain=forward comment="defconf: accept in ipsec policy" \ ipsec-policy=in,ipsec add action=accept chain=forward comment="defconf: accept out ipsec policy" \ ipsec-policy=out,ipsec add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \ connection-state=established,related add action=accept chain=forward comment=\ "defconf: accept established,related, untracked" connection-state=\ established,related,untracked add action=drop chain=forward comment="defconf: drop invalid" \ connection-state=invalid add action=drop chain=forward comment=\ "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \ connection-state=new in-interface-list=WAN /ip firewall nat add action=masquerade chain=srcnat comment="defconf: masquerade" \ ipsec-policy=out,none out-interface-list=WAN /tool mac-server set allowed-interface-list=LAN /tool mac-server mac-winbox set allowed-interface-list=LAN
Re: MikroTik wAP ac station configuration
Thanks for the advice; I thought I read somewhere that repeater doesn't work if one of the routers is not a Mikrotik. Either way I can give this a shot.
Re: MikroTik wAP ac station configuration
For my CapAC access points I used the default configuration WISP mode.
The only changes err mostly anyway I made were to the wifi settings required.
Opening the quickset page, the top left mode selection is WISP AP.
The configuration mode settings to the right are bridge and automatic.
Address source is any. So its setup to get an IP from the router.
If you wanted to go to your main router and set in a static LANIP for the AP, you would take the mac address showing here and then go to the main router and enter the static IP plus associated mac etc.
From there you should be good to start off the configuration from winbox proper (and from then on ignore the quickset page).
The only changes err mostly anyway I made were to the wifi settings required.
Opening the quickset page, the top left mode selection is WISP AP.
The configuration mode settings to the right are bridge and automatic.
Address source is any. So its setup to get an IP from the router.
If you wanted to go to your main router and set in a static LANIP for the AP, you would take the mac address showing here and then go to the main router and enter the static IP plus associated mac etc.
From there you should be good to start off the configuration from winbox proper (and from then on ignore the quickset page).
Re: MikroTik wAP ac station configuration
I was set up with WISP AP by default as well. Has anybody had success with this particular configuration (with a non ROS router doing dhcp) that could post their configuration file? I would agree that setting up the main router to provide a preset IP to the wAP based on it's MAC address is a good idea but I am pretty sure their connection doesn't even get that far. I have yet to see the wAP MAC show up in the main router client list.
I also find it difficult to keep performing a very similar sequence of steps from scratch without success or really any form of introspection that I am familiar with.
I also find it difficult to keep performing a very similar sequence of steps from scratch without success or really any form of introspection that I am familiar with.
Re: MikroTik wAP ac station configuration
/export hide-sensitive file=anyname you wish.
Show me the config you have so far.
Show me the config you have so far.
Re: MikroTik wAP ac station configuration
Hi anav I attached the output in an earlier post in this thread, is this not what you are looking for?
Re: MikroTik wAP ac station configuration
Yes my bad I see it now.....
However it looks like a router setup and not an access point setup??
Assuming your AP is wired to the main router, where is the ethernet interface desccribed (port linking to main router)?
Not noted in bridge port and wlan1 is disabled as well.
/interface bridge port
add bridge=bridge comment=defconf disabled=yes interface=wlan1
add bridge=bridge comment=defconf interface=wlan2
This should be disabled.......
/ip dhcp-server
add address-pool=default-dhcp interface=bridge name=defconf
This is wrong it should be set to the IP that the main router gives the access point.
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
192.168.88.0
Finally, this shows that the access point is really not setup properly
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
ether1
In summary, reset to defaults and select WISP AP mode if available in quickset
However it looks like a router setup and not an access point setup??
Assuming your AP is wired to the main router, where is the ethernet interface desccribed (port linking to main router)?
Not noted in bridge port and wlan1 is disabled as well.
/interface bridge port
add bridge=bridge comment=defconf disabled=yes interface=wlan1
add bridge=bridge comment=defconf interface=wlan2
This should be disabled.......
/ip dhcp-server
add address-pool=default-dhcp interface=bridge name=defconf
This is wrong it should be set to the IP that the main router gives the access point.
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
192.168.88.0
Finally, this shows that the access point is really not setup properly
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
ether1
In summary, reset to defaults and select WISP AP mode if available in quickset
Re: MikroTik wAP ac station configuration
No longer required offending advertisement post removed.
Last edited by anav on Mon Apr 20, 2020 9:53 pm, edited 1 time in total.
Re: MikroTik wAP ac station configuration
More configuration information below...
Last edited by prosteen on Mon Apr 20, 2020 10:10 pm, edited 1 time in total.
Re: MikroTik wAP ac station configuration
I figured I would post my default config, just to be a reference point. I have tried a few things mentioned by anav but have not had any luck yet
Code: Select all
# jan/02/1970 00:12:02 by RouterOS 6.42.12
# software id = 5QXS-9AUI
#
# model = RBwAPG-5HacT2HnD
# serial number = BED90A20E1AE
/interface bridge
add comment=defconf name=bridge
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \
disabled=no distance=indoors frequency=auto mode=ap-bridge ssid=\
MikroTik-F4B8D5 wireless-protocol=802.11
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=\
20/40/80mhz-Ceee disabled=no distance=indoors frequency=auto mode=\
ap-bridge ssid=MikroTik-F4B8D4 wireless-protocol=802.11
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=default-dhcp disabled=no interface=bridge name=defconf
/interface bridge port
add bridge=bridge comment=defconf interface=wlan1
add bridge=bridge comment=defconf interface=wlan2
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
192.168.88.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
ether1
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 name=router.lan
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LANRe: MikroTik wAP ac station configuration
There was a post above mine from somebody flogging a product or website that has now been removed, since you didnt see the offending post, it appears out of context, I will go in and edit it.........
Cheers!
Cheers!
Last edited by anav on Mon Apr 20, 2020 10:11 pm, edited 1 time in total.
Re: MikroTik wAP ac station configuration
As to the config that looks like a default router config vice an access point config.
When you go into quickset what do you see at the top left corner.
When you go into quickset what do you see at the top left corner.
Re: MikroTik wAP ac station configuration
There was a post above mine from somebody flogging a product or website that has now been removed, since you didnt see the offending post, it appears out of context, I will go in and edit it.........Could you elaborate on that?FU and the horse you rode in on.
If somebody could help without randomly telling me to f*ck off, it would be much appreciated. Not exactly a warm welcome to a new community, in the *Beginner* forum. Still, I do appreciate the effort anav put in to try and help
Cheers!
I knew something was up. I will update my post as wellRe: MikroTik wAP ac station configuration
I updated my post repost, looks like you will have to as well LOL............
Re: MikroTik wAP ac station configuration
Below is a screenshot. Seems to say I am doing WISPAs to the config that looks like a default router config vice an access point config.
When you go into quickset what do you see at the top left corner.
You do not have the required permissions to view the files attached to this post.
Re: MikroTik wAP ac station configuration
Look at the mode setting, its says router NOT bridge as I noted to look for in post #6 above LOL.
Re: MikroTik wAP ac station configuration
Ha, indeed. So that's the default setting, and I admittedly did not update this earlier; just went right into WebFig and did the steps as I outlined in the first post:Look at the mode setting, its says router NOT bridge as I noted to look for in post #6 above LOL.
1) Set up security profile
2) Turn off wlan1 bridge port
3) Add wlan1 DHCP client
4) Remove eth as DHCP client (which was based on your analysis of my original config)
5) Remove DHCP server (also a good catch by you that I originally missed)
6) Set up wlan1 as a station bridge with the given security profile and same SSID as my main router
Now, I set it up as a bridge on QuickSet, and then followed the above steps. After going back to QuickSet, the settings are *back on router*; so I obviously screwed something up in WebFig.
FWIW, yet another config:
Also, I noted in an earlier post you assumed I was wired between the two routers, but I am not.
Code: Select all
# jan/02/1970 00:03:34 by RouterOS 6.42.12
# software id = 5QXS-9AUI
#
# model = RBwAPG-5HacT2HnD
# serial number = BED90A20E1AE
/interface bridge
add comment=defconf name=bridge
/interface wireless
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=\
20/40/80mhz-Ceee disabled=no distance=indoors frequency=auto mode=\
ap-bridge ssid=MikroTik-F4B8D4 wireless-protocol=802.11
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa-psk,wpa2-psk management-protection=allowed mode=\
dynamic-keys name=home supplicant-identity=MikroTik
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n disabled=no distance=indoors \
frequency=auto security-profile=home ssid=pro-wifi wireless-protocol=\
802.11
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=default-dhcp interface=bridge name=defconf
/interface bridge port
add bridge=bridge comment=defconf disabled=yes interface=wlan1
add bridge=bridge comment=defconf interface=wlan2
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
192.168.88.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid interface=ether1
add disabled=no interface=wlan1
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 name=router.lan
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LANWho is online
Users browsing this forum: silverbios, Xman1 and 63 guests