Page 1 of 1

how i can do this plzz

Posted: Sat Jan 07, 2012 1:28 am
by mkh
i have sxt , and i am a client , i want to connect broadband inside the sxt and get internet direct in my pc ( get internet direct when open my pc )

Re: how i can do this plzz

Posted: Sat Jan 07, 2012 2:21 am
by stenlyto
not so difficult... :)
What do u do (what settings do u set on Windows) to get ur connection established?

Re: how i can do this plzz

Posted: Sat Jan 07, 2012 4:34 pm
by mkh
i know how i can do this in windows , but i whant this in mikrotik sxt

Re: how i can do this plzz

Posted: Sat Jan 07, 2012 5:02 pm
by Bongo
Simple:

servers: wan ip
allow-remote-requests: yes
max-udp-packet-size: 512
cache-size: 2048K
cache-max-ttl: 1w
cache-used: 44KiB


Masquerade WAN Network - chain=srcnat action=masquerade

Route wan ip - ADC 192.168.1.0/24 192.168.1.2 WAN

Re: how i can do this plzz

Posted: Sat Jan 07, 2012 5:43 pm
by mkh
didnot work, plz how i do this Manually not secript , thank you Bongo

Re: how i can do this plzz

Posted: Sat Jan 07, 2012 10:41 pm
by stenlyto
Masquerade WAN Network - chain=srcnat action=masquerade
Route wan ip - ADC 192.168.1.0/24 192.168.1.2 WAN
Dont suggest things like that.... it will never work!

mkh, I asked u to give me your setting to understand how u connect to INTERNET....
U said broadband? Do u mean ppoe connection ? Do u have username or password.... Do u have to connect manually every time u turn on the PC or..... what?
Just tell me how u connect to internet! If u are not sure tell what u do on ur windows, so I will tell u what to do in Mk SXT... :)
Thats why I asked for that!

Re: how i can do this plzz

Posted: Sun Jan 08, 2012 4:54 pm
by mkh
stenlyto first thnks for ur help ..

Do u mean ppoe connection = yes i mean pppoe
Do u have username or password = yes i have user and password
(( i know how connect pppoe in windows , but i whant put my username and password of pppoe connection inside my mk.sxt to getting internet direct when turn on my pc without using pppoe windows connection )) .
after connect to AP signal :
what i do : =>
first = ( ip=> address=add, address: 192.168.0.0/24 , interface: ether1 )
2'nd = maked DHCP server ,after repair my lan get ip 192.168.0.254
3'rd = maked pppoe client and put my username and password in (Dial Out) option ,the status
is connected
4'th = ( ip=> fierwall = NAT = add ,chain: srcnat , Out. interface: ether1 .
in action:masquerade) .

Re: how i can do this plzz

Posted: Sun Jan 08, 2012 8:38 pm
by nest
You're masquerading on the wrong interface. With src-nat, you are changing the Source IP address of the packet. This must therefore happen on the external/public interface as you are 'hiding' or masquerading the true internal IP the packet is coming from and changing the source IP in the header of the packets as if they came from your external interface's IP address. In this way traffic in the internet knows where to return back the traffic to you.

So, you have it on ether1, which is connected to your PC, but instead you must change src-nat to your pppoe interface.

Ron

Re: how i can do this plzz

Posted: Sun Jan 08, 2012 8:50 pm
by stenlyto
Here it is, ur mistake :)

Think for a moment....

Following your detailes u should have gotten something like that?
[admin@your-router] /ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=masquerade out-interface=ether1
Correct me if wrong, but u have set your private network on Ether1
If this is right? My question is : Why did u put interface Ether1 as out-interface?

Now u have two options
1. change the rule to
0 chain=srcnat action=masquerade out-interface="the interface where u set your pppoe client"
2. change the rule to
0 chain=srcnat action=masquerade src-address=192.168.0.0/24

1st option -> Mikrotik will translate all the networks that are directly connected
2nd option -> Mikrotik will translate network 192.168.0.0/24 which is actually your private network (between Mk and your PC)

Re: how i can do this plzz

Posted: Mon Jan 09, 2012 6:59 pm
by mkh
hi..
i doing your options but didn't change anything.. ? what is solution :(

Re: how i can do this plzz

Posted: Mon Jan 09, 2012 9:45 pm
by nest
export your current firewall rules and let's check what is wrong?

Re: how i can do this plzz

Posted: Wed Jan 11, 2012 9:57 pm
by stenlyto
A question?

Before using SXT, did u reset the current configuration and then did u remove the default configuration....
cause SXT is comming with a default configuration, with DHCP server (192.168.88.0) and a few other thing that could make ur idea impossible :)
Make sure u have removed all default configurations before u start configuring following ur idea and our suggestions !

Re: how i can do this plzz

Posted: Wed Jan 11, 2012 10:59 pm
by mkh
MR.nest...
please you tell me what be must i doing in detail ..?


MR.stenlyto
do you mean system reset, and after reset, remove all configurations.. ?
Yes, I did it

Re: how i can do this plzz

Posted: Thu Jan 12, 2012 8:27 am
by stenlyto
ISP (PPPoE Server) -> (ISP Antenna) ))))))))))5GHz)))))))))) (SXT antenna) -----cable connection----Your PC

Is that your network topology....
If so?
1. Reset Configuration
2. Establish 5GHz wireless connection with your ISP
3. Create PPPOE client
4. After PPPOE client connected, make sure u have received an IP address, DNS address, and a gateway route have been added to your routing table!
5. Put Address on ether1 (10.20.30.1/24)
6. Run DHCP setup
7. Follow the questions, make sure that the DHCP server configuration wizard will suggest u the right DNS settings!
8. Add a NAT rule to your routing table ( as I suggested u)
---
Job DONE!
It should be working.
Try INTERNET on SXT first.... (ping 8.8.8.8, thats Google DNS... it will respond!)

Re: how i can do this plzz

Posted: Fri Jan 13, 2012 2:20 am
by nest
MR.nest...
please you tell me what be must i doing in detail ..?
In Winbox. Click on "New Terminal". Then type:
/ip firewall nat export file=firewall
Then in Files, copy the file "firewall.rsc" to your Desktop (see icons for copy/paste - highlight the firewall.rsc file and then click on the copy icon)
Then paste the content of that file 'firewall.rsc' to a new message here so we can see your firewall config.

Re: how i can do this plzz

Posted: Fri Jan 13, 2012 11:28 pm
by mkh
that's what i doing According to your suggestions .. please watch it

Re: how i can do this plzz

Posted: Sat Jan 14, 2012 12:58 am
by nest
mkh - when you send me your config, I will be happy to assist further. I am sorry, but I don't have the time to watch a video of you setting up your router and hoping that by very good luck I catch a few milliseconds of a screen that will show me your configuration. :-( Sorry, but please send me your config export. If you are worried for security, then send it to my email address. This way I can study the config in detail.

Thank you.

Re: how i can do this plzz

Posted: Sat Jan 14, 2012 3:04 am
by mkh
ok nest ... :D thanks for help me

that's my export:

[admin@MikroTik] > /ip firewall nat export
# jan/02/1970 00:07:43 by RouterOS 4.14
# software id = NA4N-PJ3L
#
/ip firewall nat
add action=masquerade chain=srcnat comment="" disabled=no out-interface=wlan1 \
src-address=192.168.0.0/24

Re: how i can do this plzz

Posted: Sat Jan 14, 2012 1:54 pm
by nest
There is no need to specify both the interface and the address. Get rid of the address, leave just the outgoing interface. I said before "you must change src-nat to your pppoe interface". (Also, stenlyto said the same) :-) Your config shows you have now changed your masquerade to your wireless interface? It must be the pppoe interface as that is the interface that has the internet connection, your wireless interface is only connected to the AP, not the internet.
/ip firewall nat add chain=srcnat action=masquerade out-interface=Name_Of_Your_PPPoE_Interface

Re: how i can do this plzz

Posted: Sat Jan 14, 2012 2:46 pm
by mkh
also not working ... :(

[admin@MikroTik] > ip firewall nat export
# jan/02/1970 00:13:01 by RouterOS 4.14
# software id = NA4N-PJ3L
#
/ip firewall nat
add action=masquerade chain=srcnat comment="" disabled=no out-interface=\
pppoe-out1

Re: how i can do this plzz

Posted: Sat Jan 14, 2012 3:24 pm
by nest
OK - just export the whole entire routerOS config here please - otherwise this could go on forever! :-)

Re: how i can do this plzz

Posted: Wed Jan 18, 2012 6:29 am
by mkh
thanks allllllllllll to help..... :)

Finally I found the solution :D

Re: how i can do this plzz

Posted: Thu Jan 19, 2012 1:41 am
by nest
So maybe you can now help everyone else and tell us what you found? ;-)

Re: how i can do this plzz

Posted: Thu Jan 19, 2012 2:16 am
by mkh
in firewall :
chain=srcnat , action=masquerade , Out. interface=pppoe-out .

ip=routes=add , Dst.address= 192.168.88.1 Gateway=pppoe-out .

easy :wink: :)

Re: how i can do this plzz

Posted: Thu Jan 19, 2012 2:55 am
by nest
That makes no sense at all! You said you had removed default configuration of 192.168.88.x yet, you are adding a route to this network, which is on the pppoe interface? :roll:

Well, OK, if it works and you're happy, that is most important thing I guess. :-)

Re: how i can do this plzz

Posted: Thu Jan 19, 2012 4:37 am
by mkh
i write this ip 192.168.88.1 as example :wink: