MikroTik

Posted: **Tue Dec 13, 2011 2:54 pm**

Welcome,

I have problem with access to the internet from my router. When i try ping ex. http://www.google.com or 173.194.66.106 in traceroute i get :

 #   ADDRESS            NETWORK         INTERFACE
 0   ;;; hotspot network
     192.168.100.1/23   192.168.100.0   ether2
 1   172.16.1.2/30      172.16.1.0      ether1

Route
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  0.0.0.0/0                          172.16.1.1                1
 1 ADC  172.16.1.0/30      172.16.1.2      ether1                    0
 2 ADC  192.168.100.0/23   192.168.100.1   ether2                    0

If You need more information pls. post.
P.S. I have searched solution earlier:)
P.S.2 . Sorry for my English

Posted: **Tue Dec 13, 2011 8:10 pm**

please send your trace photo.
your info does't complete.

Posted: **Wed Dec 14, 2011 10:52 am**

Thank you for your interest in this subject

I hope you mean this:

Trace from router
[admin@MikroTik] > tool traceroute 173.194.66.106
 # ADDRESS                                 RT1   RT2   RT3   STATUS            
 1 172.16.1.1                              1ms   1ms   1ms                     
 2 0.0.0.0                                 0ms   0ms   0ms                     
 3 0.0.0.0                                 0ms   0ms   0ms                     
 4 0.0.0.0                                 0ms   0ms   0ms

Trace from client going like this
->192.168.100.1
->172.16.1.1
->google.com

Posted: **Wed Dec 14, 2011 12:27 pm**

Can you post the info from "/ip firewall nat"?

Posted: **Wed Dec 14, 2011 12:38 pm**

Thank You a lot for help. I just solved the problem by adding 192.168.100.1 as pref.src in route rule.

 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  0.0.0.0/0          192.168.100.1   172.16.1.1                1

Once again Thanks

Posted: **Wed Dec 14, 2011 12:45 pm**

That solution would indicate your masquerade or srcnat is incorrect.

You probably have this

/ip firewall nat
chain=srcnat action=masquerade src-address=192.168.100.0/24

That is the nat rule added by the hotspot.

You need something like this:

/ip firewall nat
add chain=srcnat action=masquerade out-interface=ether1

Posted: **Wed Dec 14, 2011 1:17 pm**

I don't use masquerade.

I want to export my firewall nat rules , but its return only 2 of 9 rules.

Posted: **Wed Dec 14, 2011 1:27 pm**

Then I presume you have the 192.168.100.0/23 net routed back to the router from the proxy server. That would make sense.

Posted: **Wed Dec 14, 2011 1:46 pm**

Once again Thank You a lot

Posted: **Wed Dec 14, 2011 3:58 pm**

Then I presume you have the 192.168.100.0/23 net routed back to the router from the proxy server. That would make sense.

Yeah, and that the router with proxy server (172.16.1.1) does also masquerading for 192.168.. addresses only

- that was probably the problem, why the RB couldn't connect, as it was not NATted outside.

<lang=pl>Iceog - dzięki za "gotowość do pomocy"

Ale już nie przesadzajmy z nabijaniem sobie darmowych punktów

.</lang=pl>

MikroTik

Clients can access to internet, but router cant.

Clients can access to internet, but router cant.

Re: Clients can access to internet, but router cant.

Re: Clients can access to internet, but router cant.

Re: Clients can access to internet, but router cant.

Re: Clients can access to internet, but router cant.

Re: Clients can access to internet, but router cant.

Re: Clients can access to internet, but router cant.

Re: Clients can access to internet, but router cant.

Re: Clients can access to internet, but router cant.

Re: Clients can access to internet, but router cant.