MikroTik

Posted: **Fri Oct 01, 2010 12:41 pm**

I have this IP configuration

Flags: X - disabled, I - invalid, D - dynamic 
 #   ADDRESS            NETWORK         BROADCAST       INTERFACE                                                                                                                                                      
 0   ;;; Internet
     86.127.70.132/26   86.127.70.128   86.127.70.191   13Internet                                                                                                                                                     
 1   ;;; Local
     80.97.140.1/24     80.97.140.0     80.97.140.255   bridge1

Local connection is made by public IP's on bridge1 (ethernet1 to ethernet11) and Internet gateway of the router is made by ether13

On ether12 I intend to test a hotspot configuration but when I set 80.97.140.202/24 to ether12 the whole network drop internet connection.

The route table is this:

Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  0.0.0.0/0                          86.127.70.129      1       
 1 ADC  80.97.140.0/24     80.97.140.1     bridge1            0       
 2 ADC  86.127.70.128/26   86.127.70.132   13Internet

What I'm doing wrong?

Posted: **Fri Oct 01, 2010 12:48 pm**

You have duplicate subnets assigned to two interfaces, bridge1 and ether12. Not a good idea, as you just discovered.

If you are setting up a hotspot on ether12, may I suggest 192.168.0.1/24 for the ip/subnet on ether12.

Posted: **Fri Oct 01, 2010 3:18 pm**

I need to set the hotspot with public IP's for the clients.
So, users who connects to the hotspot should have 80.97.140.x IP's.

What subnet should I set in this case?

Posted: **Fri Oct 01, 2010 4:32 pm**

That is easy! Disable the hotspot. Issue static ips or static dhcp leases. Then use netmap.

Posted: **Fri Oct 01, 2010 11:04 pm**

How to disable a hotspot who is not even made?

What is netmap?

Posted: **Sat Oct 02, 2010 12:01 am**

What is the goal? Why do your clients need a public ip? Maybe that will help us help you. Can't you issue private ips, and NAT to a public ip?

Posted: **Sat Oct 02, 2010 1:15 pm**

Tim, my goal is to setup the router as hotspot, and some client to authentificate automaticaly by mac address and others by hotspot interface. All clients need to have public IPs.

First I need to setup a hotspot on a single interface for testing before I put it on the whole bridge.

How should I set ether12 IP to get a hotspot for testing on it without interfer with my actual settings of the network?

Posted: **Sat Oct 02, 2010 1:23 pm**

I was ok until here:

All clients need to have public IPs.

If they are behind a hotspot, why do they need public ips? If they are servers, they will not be accessible from the internet if they are not logged in. If it is necessary, I would issue private ips (192.168.0.1/24) and use netmap. That maps public ips to your private set. Does a range of public ips to a range of private ips. Take a look at this
http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT
The part you will need is the 1:1 mapping.

Posted: **Sat Oct 02, 2010 1:39 pm**

I have about 50 stable clients who I dont want to authentificate to the hotspot and they need public IP's because some of them have video surveilance system on theys home and need to get access to it from internet (just an example).

On my network will also be some AP's who will be open for laptop users authentificate by user/password for a period of time.

My guess was to set a hotspot and stable clients gets authentificate by mac address and they dont even know they are on a hotspot router.

So... the hotspot cannot be setted up without NAT, masquerade? I cannot use public IP's on hotspot configuration?

Posted: **Sat Oct 02, 2010 1:46 pm**

That is ok. For each mac address behind the hotspot you want bypassed (no login required)
/ip hotspot ip-binding
add mac-address=xx:xx:xx:xx:xx:xx type=bypassed

The 1:1 mapping will NAT (translate) your public ips to the 192.168.0.0/24 subnet. To devices on the internet, those private ips will appear, and respond, as your public ip range. If you want 50 clients online, you need 51 public ips.

ADD: The reason I selected this method is it allows you to use 50 public ips as static clients, and NAT the rest of your clients (the ones that don't need public access) to the remaining public ip. 51 public ips. Does that make sense?

EDIT: I am not familiar with public ips behind a hotspot. Someone else will have to take it from here.

Posted: **Sat Oct 02, 2010 3:37 pm**

Tnx for the replyes Tim. I still not understand why I cannot use directly public IP's for the hotspot users?

Posted: **Sun Oct 03, 2010 5:16 pm**

Did you see this thread?
http://forum.mikrotik.com/viewtopic.php?f=13&t=45517

Posted: **Sun Oct 03, 2010 5:19 pm**

Yes, I have readed today. It's just my config there.

MikroTik

Interface IP conflict

Interface IP conflict

Re: Interface IP conflict

Re: Interface IP conflict

Re: Interface IP conflict

Re: Interface IP conflict

Re: Interface IP conflict

Re: Interface IP conflict

Re: Interface IP conflict

Re: Interface IP conflict

Re: Interface IP conflict

Re: Interface IP conflict

Re: Interface IP conflict

Re: Interface IP conflict