Need help wifi does not work.

Johannes33 · Wed Mar 29, 2017 6:40 pm

Hi, I'm a newbie on mikrotik but trying my best and wonder if someone could help me.
I have been struggling for the last couple of days not managing the settings to work.
here is my code:

# mar/29/2017 17:12:58 by RouterOS 6.35.4
# software id = E66J-P7EA
#
/interface ethernet
set [ find default-name=ether1 ] name=ether1_WAN
set [ find default-name=ether2 ] name=ether2_LAN
set [ find default-name=ether3 ] master-port=ether2_LAN name=ether3_UnifiAP
/interface vlan
add interface=ether2_LAN name=vlan11_Admin vlan-id=11
add interface=ether2_LAN name=vlan12_Users vlan-id=12
add interface=ether2_LAN name=vlan13_guests vlan-id=13
/ip pool
add name=dhcp_pool1 ranges=192.168.99.21-192.168.99.250
add name=dhcp_pool2 ranges=192.168.11.21-192.168.11.250
add name=dhcp_pool3 ranges=192.168.12.21-192.168.12.250
add name=dhcp_pool4 ranges=192.168.13.21-192.168.13.250
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=ether2_LAN lease-time=1h \
    name=dhcp1
add address-pool=dhcp_pool2 disabled=no interface=vlan11_Admin lease-time=1h \
    name=dhcp2
add address-pool=dhcp_pool3 disabled=no interface=vlan12_Users lease-time=1h \
    name=dhcp3
add address-pool=dhcp_pool4 disabled=no interface=vlan13_guests lease-time=1h \
    name=dhcp4
/ip firewall connection tracking
set enabled=yes
/ip address
add address=192.168.99.1/24 interface=ether2_LAN network=192.168.99.0
add address=192.168.11.1/24 interface=vlan11_Admin network=192.168.11.0
add address=192.168.12.1/24 interface=vlan12_Users network=192.168.12.0
add address=192.168.13.1/24 interface=vlan13_guests network=192.168.13.0
/ip dhcp-client
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no \
    interface=ether1_WAN
/ip dhcp-server network
add address=192.168.11.0/24 dns-server="195.67.199.42,195.67.199.43,195.67.160\
    .3,195.67.183.153,208.67.222.222,208.67.220.220,8.8.8.8,8.8.4.4" gateway=\
    192.168.11.1
add address=192.168.12.0/24 dns-server="195.67.199.42,195.67.199.43,195.67.160\
    .3,195.67.183.153,208.67.222.222,208.67.220.220,8.8.8.8,8.8.4.4" gateway=\
    192.168.12.1
add address=192.168.13.0/24 dns-server="195.67.199.42,195.67.199.43,195.67.160\
    .3,195.67.183.153,208.67.222.222,208.67.220.220,8.8.8.8,8.8.4.4" gateway=\
    192.168.13.1
add address=192.168.99.0/24 dns-server="195.67.199.42,195.67.199.43,195.67.160\
    .3,195.67.183.153,208.67.222.222,208.67.220.220,8.8.8.8,8.8.4.4" gateway=\
    192.168.99.1
/ip dns
set allow-remote-requests=yes servers="195.67.199.42,195.67.199.43,195.67.160.\
    3,195.67.183.153,208.67.222.222,208.67.220.220,8.8.8.8,8.8.4.4"
/ip firewall address-list
add address=192.168.99.0/24 list="Admin Lan"
add address=198.168.12.0/24 list=Users_12vlan
add address=198.168.11.0/24 list="Admin Wifi_11vlan"
add address=192.168.13.0/24 list=guests_13vlan
/ip firewall filter
add action=drop chain=input connection-state=invalid
add action=drop chain=forward connection-state=invalid
add chain=input src-address-list="Admin Lan"
add chain=input connection-state=established
add chain=input connection-state=related
add action=drop chain=input
#add chain=forward connection-state=new src-address-list="Admin Lan"
#add chain=forward connection-state=new src-address-list="Admin Wifi_11vlan"
#add chain=forward connection-state=new src-address-list=Users_12vlan
#add chain=forward connection-state=new src-address-list=guests_13vlan
#add chain=forward connection-state=related
#add chain=forward connection-state=established
#add action=drop chain=forward
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1_WAN
add action=redirect chain=dstnat dst-port=53 protocol=udp to-ports=53
add action=redirect chain=dstnat dst-port=53 protocol=tcp to-ports=53
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system clock
set time-zone-name=Europe/Stockholm
/system routerboard settings
set protected-routerboot=disabled

eth1 is internet
eth 2 is computer
eth 3 is unifi ap ac lite on 192.168.99.11.
I can go out on the internet with the computer but I have not internet access with the ap.
I can connect to the ap with ping and unifi controller from the controller but I have no internet access.

also I would like not to have the dns servers hardcoded in the settings but have them taken from the dns client and passed down to the other dhcp servers.

Suggestions?

sash7 · Wed Mar 29, 2017 11:00 pm

Hi.
in /ip dhcp-client use "Use peer DNS" checked if you want WAN to get dns from your isp.

in /ip dhcp-server network remove all these dns servers and just use dns-server == gateway ip
clients will ask and get dns from router

Johannes33 · Thu Mar 30, 2017 4:15 pm

It was the firewall.
I modified the firewall to be the same for both the ethernet connected computer and wifi.
I'm puzzled about what is not correct with the firewall since the computer works and got internet connection but the wifi does not.
here is the modified file that does not work.

/ip firewall filter
add action=drop chain=input connection-state=invalid
add action=drop chain=forward connection-state=invalid
add chain=input src-address-list="Admin Lan"
add chain=input src-address-list="Admin Wifi_11vlan"
add chain=input src-address-list=Users_12vlan
add chain=input src-address-list=guests_13vlan
add chain=input connection-state=established
add chain=input connection-state=related
add action=drop chain=input
add chain=forward connection-state=new src-address-list="Admin Lan"
add chain=forward connection-state=new src-address-list="Admin Wifi_11vlan"
add chain=forward connection-state=new src-address-list=Users_12vlan
add chain=forward connection-state=new src-address-list=guests_13vlan
add chain=forward connection-state=related
add chain=forward connection-state=established
add action=drop chain=forward

I would be very happy if someone could lead me in the right direction as to what is wrong with it.

Need help wifi does not work.

Need help wifi does not work.

Re: Need help wifi does not work.

Re: Need help wifi does not work.

Who is online