I am setting up the Router in my signature on my small 50 devices network (including phones, virtual clients, tablets and everything you can think of) and the Router is connected to WAN via Port 1 and to the Switch via Port 2 (the switch in my signature, running SWOS) . I can reach the Router both via Winbox and Webfig, have defined standard 192.168.1.1/24 (NOT *.88.*) network and after doing the basics in the guide: https://help.mikrotik.com/docs/display/ ... figuration I end up with getting an IP for the Internet - Dynamic Public IP - , can do the ping tests and my clients are connected to LAN, but not WAN. I obviously suspect something in the bridging between Ether1 (WAN) and Ether2 (LAN). The guide was followed with great care but at one point the CLI command for the NAT would not allow me to enter the "ether1" in the syntax, it would not take the number, despite me pressing the "1" key on the keyboard. Many times, harder and harder, repeating, deleting, new terminal, still no joy.

/ip firewall nat
add chain=srcnat out-interface=ether1 action=masquerade

I manage to set that in the GUI after some trial and error but still no Internet access.

I will of course start over with this, but I have three questions:
1. How do you disable the autocomplete command in Terminal (I prefer a GUI). I realize it is handy for many, but since I use it as little as possible it tends to be confusing and frustrating. Make a better GUI.
2. Could Terminal be browser sensitive when running WebFig, since it seems to run better in Edge than in Firefox, the latter being my browser of choice in my OS of choice, Windows 10 21H1.
3. Is the guide updated for ROS version 6.48.3? Are you SURE about that? Are there any differences in the guide?

do not set ether1, you must set what give you the (dynamic) public ip


1) Stop use Ctrl+V.... do not paste nothing, enable autocomplete.....
2) use WinBox
3) I not mind

1. How do you disable the autocomplete command in Terminal (I prefer a GUI). I realize it is handy for many, but since I use it as little as possible it tends to be confusing and frustrating. Make a better GUI.
2. Could Terminal be browser sensitive when running WebFig, since it seems to run better in Edge than in Firefox, the latter being my browser of choice in my OS of choice, Windows 10 21H1.
3. Is the guide updated for ROS version 6.48.3? Are you SURE about that? Are there any differences in the guide?

It is not really clear to me why you are using the CLI when you prefer the GUI. There are two great GUIs available for MikroTik.
Examples are often given as CLI because that is easier to do in a manual (instead of screenshots) but you can enter the same commands using GUI.

It is known that the CLI screen in Winbox behaves a bit erratic. When you want to use CLI please use a dedicated tool like PuTTY or the OS built-in telnet/ssh
tool instead.
The most common issue for users using the Winbox CLI window is that Ctrl characters do something different than they are commonly used for.
See https://wiki.mikrotik.com/wiki/Manual:Console

Unfortunately the RB1100 model is for professionals and does not include the default settings that the lower-end devices have. That is so much
easier when you want to setup a router as a beginner!

How is your ISP connection delivered ? Through cable-modem/fiber so your "ether1" receives a public IP through DHCP ? Or do you connect with a PPPoE connection ?
I think the most efficient is to provide a full config so expert-user can very quickly spot anomalies.

/export hide-sensitive file=anynameyouwish or something.

1. Make sure all your LAN ports are in a bridge and the WAN port it not.
2. Give your Bridge an IP address (which it sounds like you already did)
3. Source NAT/Masquerade (sounds like you already have that)
4. Make sure no firewall rules are blocking anything. Best to allow EST, REL, NEW forwarding from LAN

These are just some thoughts to consider...

Assuming you are using vlans,
The best guide for this at least for the router part of the setup you should use......

viewtopic.php?f=23&t=143620

Default rules you should have......
/ip firewall filter
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN


From there you should have connectivity as required.
Once you have absorbed the provided link and have a working config
post it here /export hide-sensitive file=anynameyouwish
as well as screenshots of the vlan and vlans SWOS screens for additional comments and pointers