Iso Mikrotik
Ceola Roefaro
I need your guidance for a situation that i am facing. We have a Mikrotik switch on which we grand access to the internet. So far so good, the problem is that we bought a new netgear m4300 28g poe+ and we want to create VLANs on it (done it) and we need to have access to the internet, unfortunately we don't. I have create the VLAN, I gave the IP address and I have also configure the DHCP server and it works, but when I try to access the Internet it is not possible.
Now I have connect the two switches and the Mikrotik switch is lets say the master switch, because it has the internet and the access point. So, I have configure the Mikrotik as a DHCP server for the whole lab. So when I connect a device on the Netgear switch it takes DHCP from Mikrotik and it also has access to the internet. The problem is with the new VLAN I am trying to configure.
If you want to do inter-VLAN routing on the switch, you need to define those VLANs only on the switch, enable routing on the switch and put the router into one of the VLANs or create a separate VLAN for it. Some static routing would need to be set up on the router as well. Your switch SVIs will be the default gateways for all client devices and the router LAN interface will be the default gateway for the switch. This article ( -to-configure-routing-VLANs-on-a-NETGEAR-managed-switch-with-shared-...) shows an example of it.
The netgear is a factory default switch and works find with the mikrotik switch. If someone connects on the netgear will have DHCP, DNS and of course Internet access through the Mikrotik switch. Now the problem is if you try to create a new vlan lets say vlan200, you can't access the internet. You lose connection. So =, the question is, what should I do to provide Internet access to every netgear vlan I want to create.
So, you have a Mikrotik switch with some VLANs already set up there and everything works fine, right? Now you connect a NETGEAR switch with its factory default settings to one of the ports of the Mikrotik switch. I assume that port is just an access (untagged) port to one of the VLANs there. A switch with its factory default settings behaves like an unmanaged switch, therefore your whole NETGEAR switch becomes part of the VLAN the Mikrotik port belongs to. If you set up VLANs on the NETGEAR switch, you need to redefine the connection between the switches. You need to set up a trunk (tagged) link between the switches. The 'router on a stick' topology employs that concept.
As far as I know, there is no DHCP server on the M4300 28G POE+. That Mikrotik switch can provide IP addresses to devices connected to the vlan200 ports of the NETGEAR switch. Of course, the DHCP server needs to be activated for the vlan200 on the Mikrotik switch. If I'm right that there is no DHCP server on that NETGEAR switch, you will face a DHCP dilemma when you try to get rid of the Mikrotik switch.
hello i am having problem with my syncthing , from this day i been using syncthing plugged in to my Internet modem , then when i try to connect my pc to mikrotik syncthing appears disconnected from my target servers , please help me with my problem . so in order to use syncthing i need to plug my pc back to internet modem directly
Hello everyone, I am having some issue with my equipment. I am running 3 Deco in AP mode, with a Mikrotik router, all good except that very randomly the APs turn to static RED Led but there is still internet connection. Now the Mikrotik router logs show that the main Deco AP is beign assigned and deassigned an IP about every minute or so. DHCP Server is runing on Mikrotik with a lease time of 1 day, with a pool that goes from 192.168.0.10 - 192.168.0.100 and I have reserved IPs .2 .3 .4 to my Deco APs (.2 is the main Deco). If someone could help me solve this problem I would appreciate a lot. Or if there is any way to set static IPs to the Decos. Thanks...
@WookieeFer I have the same stack of equipment as yours, but have no such a problem... Differences are: the hardware ver. of M4 - I have V.1; My Decos dinamic IPs are the part of the common pool; lease time is 15 minutes... I can advise to make some experiments. For example, connect only one Deco to the router and let it get any dinamic IP from the pool... Check and if OK, connect another Decos one by one.....
@RedRoger Yes, I will keep testing different settings as well. Also I have another question, do you set your Mikrotik DHCP server to assign static IPs to your Decos (Reserve IP to Device so that DECOs have the same IP) or just leave them to Dynamically assign? Thanks..
@WookieeFer Yap, Decos get IPs dinamically. For Decos control, application is a sufficient tool for me. It controlls Deco via TP-Link server, so it is no need to know current internal IP. If I need web-interface to log in to the Deco, I can pick IP address in DHCP leases and use it, but it is not often...
@WookieeFer I have equal problem with deco M5, Mikrotik router---->Switch---->3x Deco M5 in AP mode, every few minutes mikrotik is logging dhcp assigned/deassigned on decos, i tried reserving IP on MKT for Decos, tried dynamic IPs for deco, tried to set another deco to main deco, but everything is equal, I don't have any ideas for this problem... Did you have any idea? P.S.:Mikrotik and Deco is on latest firmware and software version.
In the left sidebar go to setup, then type in mikrotik. You should see Mikrotik RouterOS and click on it. Click on add rule and configure how to connect to your router.
Under explicit hosts you probably want to select the monitoring host you want to apply this rule to, so it does not get applied to all hosts.
After setting up the connection infos, activate the changes and run the service discovery again on your host.
If you disabled NAT on the Mikfrotik and add a static route to the peplink for the subnets behind the mikrotik with a destination of the Mikrotik WAN ip the Peplink has given it then you will be able to do wat you want.
I have a brand new MikroTik router that behaves strangely out of the box (came with RouterOS version 7.11, upgraded to 7.14.1, default admin account disabled) - even when its configuration is completely reset, it sends out SYN packets to random IP addresses on the Internet (yes, the packets are going through the output chain, not input). Either I don't understand something (which is possible) or the router has some malware on it. So at this point I have two questions:
I bought more than 100 mikrotik devices and see this problem just 2 times (and I have no reason for it)!if you have reset your router (as you said), Connect directly via LAN and to the first port.open winbox and use your device information that labeled under it or the box and write first ethernet mac address manually as address.for username and password, if nothing printed on your device label, just use "admin" as username and leave the password blank.Now you can connect to your router.
MikroTik is a Latvian network equipment manufacturer. The company develops and sells wired and wireless network routers, network switches, access points, as well as operating systems and auxiliary software. The company was founded in 1996 with the focus of selling equipment in emerging markets. As of September 2018, the company had more than 140 employees. In 2015 it was with EUR 202m the 20th largest company in Latvia by revenue.
RouterBOARD is a hardware platform from MikroTik, which is a line of routers running the RouterOS operating system. The various RouterBOARD options provide for a variety of application scenarios, from running wireless access points and managed network switches to firewall appliances with quality of service (QoS) features.
A router is a networking device that forwards data packets between computer networks. Routers perform the traffic directing functions on the Internet. Data sent through the internet, such as a web page or email, is in the form of data packets. A packet is typically forwarded from one router to another router through the networks that constitute an internetwork (e.g. the Internet) until it reaches its destination node.
They offer the most user friendly, up to carrier-class routing and network management solutions. Their products are used by many ISPs, individual users and companies for building data network infrastructures all across the world. There are millions of installations worldwide going back as far as 1996!
All production routers have to be administered by SSH, secured Winbox or HTTPs services. Use the latest Winbox version for secure access. Note, that in newest Winbox versions, "Secure mode" is ON by default, and can't be turned off anymore.
The first step to configure a MikroTik Router is to assign WAN and LAN IP addresses in WAN and LAN interface accordingly. The following steps will show how to assign WAN and LAN IP addresses in a new MikroTik Router.
From Winbox, go to IP > Routes menu item. Route List window will appear now. You can see two dynamic routes are already added in this Route List. Click on PLUS SIGN (+). New Route window will appear. Now put gateway address which is provided by your ISP in Gateway input field.
After completing gateway configuration, you must create a NAT firewall rule to masquerade LAN IPs. Otherwise, LAN user cannot access internet through MikroTik Router. The following steps will show how to create masquerade firewall rule in MikroTik Router.
After completing three mandatory configurations, we need to configure DNS in MikroTik Router so that it can resolve DNS request from the LAN user as well as itself. The following steps will show how to configure DNS in MikroTik RouterOS.
Go to IP > DNS menu item. DNS Settings window will appear. In this window, put DNS server address that you have got from ISP company or you can put Google public DNS IP (8.8.8.8) in Servers input box. You can put secondary DNS server IP by clicking add new value button (drop down button) located after the Servers input box. Optionally, you can turn MikroTik router as a DNS server. Turning MikroTik router as a DNS server is a better idea, I think. Because if you use public DNS server in your network, every DNS request of your user will consume your paid bandwidth. But if you turn MikroTik router as a DNS sever, your user will get DNS solution from MikroTik Router without consuming paid bandwidth. So, if you want to turn MikroTik into a DNS server, click the Allow Remote Requests check box and click Apply and OK button.