Killa200
Premium
join:2005-12-02
Spring City, TN
 ·AT&T Southeast
| RouterOS Questions I am asking this in here as well as me searching all over, as i am supposed to be putting this stuff in today! (Yay me for assuming I had a grasp on all of it).
I have a setup going in consisting of a T1 line coming out of a cisco router (no dhcp, manual setup of ip's only... which is fine as it only came with 5) and two RB433's with two RB52 cards each. The 1st RB433 is going to run a 2.4ghz ap / 5.8ghz back haul, and grab the internet connection from the cisco router. The second RB433 is going is on the receive end of the 5.8ghz back haul and will be running a second 2.4ghz ap. All shots are clear los.
I want to get this up routed (trying not to start down a road of bridging) which leads me to my issue. All the crappy how-to stuff on the mikrotik site that i have found shows how to bridge the hell out of everything and assumes your provider either gives you a ton of ip's or you have a dhcp server. How do i go about getting dhcp / nat running correctly on the first RB433 so that it not only handles passing out ip's for AP1, but also the remote AP2?
| |
|
Killa200
Premium
join:2005-12-02
Spring City, TN
·AT&T Southeast
2 edits | Re: RouterOS Questions just as an update to where i am at:
Ive got the dhcp server and a src-net setup on the first RB433. I got a laptop connected to the 2.4ghz ap section of the RB433. It grabs an ip address, gets dns info and gateway info just fine. I can ping items on the wlan side (the RB433) and the wan side (cisco and the server).... but access external addresses or ips. Doing a ping in WinBox on an external ip or address using the WAN port (the Ethernet connected to the cisco) however does ping external addresses and ips. Any ideas there? Or ideas on how to get this setup talking to the second RB433?
::EDIT:: The laptop can now browse the internet like normal.... helps if my gateway is set to AS and not just S.... lol. I still need some help with the backhaul and AP2 portion of this though | |
|
viperm
Carpe Diem
Premium
join:2002-07-09
Winchester, CA
1 edit | Are you going to give out public or private ip addresses to the laptops associating to the aps etc?
First things first you need to get the WAN workign first to make things easier.
I assume your going to use interface 1 on the Mikrotik for WAN?
If so plug eth port 1 into your CIsco. Log into the Mikrotik with Winbox to make things easy.
Assign a PUBLIC ip address to your ether 1 interface from winbox make sure you put it in as this form xxx.xxx.xxx.xxx/24 or whatever your netblock of ip's are comign from your CIsco.
Then go into Ip/routes and add a route destination of 0.0.0.0/0 gateway being yoru cisco lan IP thats connected to the Mikrotik eth one so if mikrotik ethernet1 is configured with ip address 208.79.10.2 then your gateway on the cisco would be 208.79.10.1 Obviosly these ip's I just made up but you get my drift.
Get that far and see if you can go to tools in winbox and choose ping and see if you can ping an IP address on the net.. | |
|
viperm
Carpe Diem
Premium
join:2002-07-09
Winchester, CA
| You also have to make sure to put in a masquerade rule to nat the lan and wan interface..
so go into Ip/firewall click on nat add a rull in there
chain=srcnat action=masquerade src-address=192.168.1.0/24
or whatever your LAN ip range is
--
ComTrain Certified Tower Climber. American Tower Certified approved contractor. Wireless consultants. | |
|
 |
Killa200
Premium
join:2005-12-02
Spring City, TN
·AT&T Southeast
| Re: RouterOS Questions ive managed to get the entire thing patched up as follows:
Running 2 sets of dhcp /24 blocks on Mikrotik 1, 1 assigned to 2.4ghz, another to 5.8ghz. A masquerade rule for the /16 that those two dhcp allotments fall under. Then Mikrotik 2 has the 5.8ghz card running in station-pseudobridge mode, and that card plus the 2.4ghz card are in a bridge so that Mikrotik 2 can get assign cpe's dhcp addresses from the 1st mikrotik as well as pass traffic.
All addresses are private except for the 1st mikrotik which has a public ip address bound between Ethernet 1 and the cisco.
Feel free to comment on a better way... this is just what i managed to get working between google, viperm's comments, and fiddling around myself. | |
|
slipstream1
Premium
join:2005-11-15
Jacksonville, TX
| Instead of bridging the backhaul, why not route it. Say you have 192.168.10.0/24 as the IP address range for Mikrotik #2 and you have 192.168.11.0/24 as a subnet of addresses for your backhauls. You would need to do the following:
WLAN 5.8 BH on MTIK#1: 192.168.11.1/30 AP BRIDGE
WLAN 5.8 BH on MTIK#2: 192.168.11.2/30 STATION
Routes on MTIK#1 would be 0.0.0.0/0 Gateway:Address of Cisco
Then you will have 3 default routes:
1. ether1 connected to cisco
2. WLAN 2.4 AP
3. WLAN 5.8 BH
The following would need to be entered as a static route:
DST-192.168.10.0/24 Gateway: 192.168.11.2
The gateway on your MTIK#2 would be 192.168.11.1.
This way you are totally routed across the backhaul and the backhauls are isolated from the 2.4 ap's.
On masquerade rules, I have always done:
chain=srcnat action=masquerade out-interface=wlan 5.8 BH.
Hope this gives you some other ideas on how to go. | |
|
|
|
|
