Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
I
I
inogda_dobriy2015-11-19 11:38:30
WiFi
inogda_dobriy, 2015-11-19 11:38:30

Mikrotik rb951g 2hnd (does not let guest WIFI in and cuts speed) - what to do?

mikrotik rb951g 2hnd
created 2 WIFI points. 1- for staff to work on the network with a
password 2- for guests with Internet access but without
access to the network cuts the speed terribly within 2-3Mbps (measured by speedtest and ip2ru) although it works with another router at the level of 40-50Mbps. Mikrotik itself, when pinging with an internal utility on 8.8.8.8, gives out 70-100Mbps. CONFIGURATION HERE: # jan/02/1970 11:55:17 by RouterOS 6.19 # software id = 25QJ-WQBP # /interface bridge add l2mtu=1598 name=bridge1-local set [ find default-name=ether1 ] comment=WAN name =ether1-gateway
/interface ethernet
set [ find default-name=ether2 ] comment=LAN name=ether2-master-local
set [ find default-name=ether3 ] master-port=ether2-master-local
set [ find default-name=ether4 ] master-port= ether2-master-local
set [ find default-name=ether5 ] master-port=ether2-master-local
/ip neighbor discovery
set ether1-gateway comment=WAN
set ether2-master-local comment=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" \
wpa2-pre-shared-key=******* allowed mode=dynamic-keys name=wifi_pass supplicant-identity="" \ wpa2-pre-shared-key=******* add authentication-types=wpa2-psk eap-methods="" management-protection=\
add authentication-types=wpa2-psk eap-methods="" management-protection=\
allowed mode=dynamic-keys name=free-wifi wpa2-pre-shared-key=*******
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n default-authentication =no \
disabled=no distance=indoors hw-protection-mode=rts-cts l2mtu=2290 mode=\
ap-bridge periodic-calibration=enabled periodic-calibration-interval=10 \
security-profile=wifi_pass ssid=Eliziya tx- power=18 tx-power-mode=\
all-rates-fixed wds-default-bridge=bridge1-local wds-mode=dynamic \ add disabled=no l2mtu=2290 mac-address=4E:5E:0C:39:D3 :63 master-interface=\ wlan1 name=wlan2 ssid=test_use wds-cost-range=0 wds-default-cost=0 /ip pool add name=dhcp_pool1 ranges=192.168.88.2-192.168.88.254
wireless-protocol=802.11
add name=dhcp_pool2 ranges=192.168.85.2-192.168.85.254
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=bridge1-local name=dhcp1
add address-pool=dhcp_pool2 disabled=no interface=wlan2 name=dhcp2
/queue simple
add max-limit=2M/2M name=queue1 target=192.168.85.0/24
/interface bridge port
add bridge=bridge1-local interface=ether2-master-local
add bridge=bridge1-local interface=wlan1 add address= 192.168.88.1/24 interface=bridge1-local network=192.168.88.0 add address=192.168.85.1/24 interface=wlan2 network=192.168.85.0 /ip dhcp-client add default-route-distance=0 dhcp-options=hostname, clientid disabled=no \ interface=ether1-gateway
/ip address
/ip dhcp-server network
add address=192.168.85.0/24 dns-server=192.168.88.1,8.8.8.8 gateway=\
192.168.85.1
add address=192.168.88.0/24 dns-server=192.168.88.1,8.8.8.8 gateway=\
192.168.88.1 netmask=24
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip firewall address-list
add address=192.168.88.0/24 list=inet
add address=192.168.85.0/24 list=inet add chain=input comment=icmp protocol=icmp add chain=input comment=established connection-state=established add chain=input comment=related connection-state=related add chain=input comment=manage in-interface=bridge1- local add action=drop chain=input comment="all other drop" in-interface=\
/ip firewall filter
ether1-gateway
add action=drop chain=forward comment="Drop invalid connection packets" \
connection-state=invalid
add chain=forward comment="Allow established connections" connection-state=\
established
add chain=forward comment="Allow related connections" connection-state=\
related
add chain=forward comment="Allow access to internet" in-interface=\
bridge1-local out-interface=ether1-gateway src-address-list=inet
add action=drop chain=forward comment="All other drop"
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1-gateway
/ ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip upnp interfaces
add interface=ether1-gateway type=external
add interface= ether2-master-local type=internal
add interface=ether3 type=internal
add interface=ether4 type=internal
add interface=ether5 type=internal
add interface=wlan1 type=internal
add interface=bridge1-local type=internal
add interface=wlan2 type=internal
/system leds
set 0 interface=wlan1
Please HELP....the second day and this and that and that and nothing

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
C
Cool Admin, 2015-11-19
@ifaustrue

add chain=forward comment="Allow acess to internet" in-interface=bridge1-local out-interface=ether1-gateway src-address-list=inet
add action=drop chain=forward comment="All other drop
" you rule?
add chain=forward comment="Allow access to internet" in-interface=wlan2 out-interface=ether1-gateway src-address-list=inet
And separate the traffic between networks in the firewall. (between bridge and wlan2 and vice versa action drop)
I don't see anything about trimming the speed. Show the statistics on the interfaces (drops, collisions), and check the settings of the physical ports. Look at what the profiler says - what is the load on the cpu?

Report
L
LESHIY_ODESSA, 2015-11-20
@LESHIY_ODESSA

on LAN ports cuts the speed terribly within 2-3Mbit (measured by speedtest and ip2ru)

Compared in the forehead with my config.
/interface bridge
add l2mtu= 2290 name=bridge1-local
Then where does it come from??
/interface wireless
wds-default-bridge=bridge1-local wds-mode=dynamic
That is, what kind of WDS did you raise or what? Disable:
wds-default-bridge= none wds-mode= disabled
The below seems dubious to me. You have a speed limit on WLAN2, which hangs on WLAN1, and that, in turn, was part of bridge1 along with LAN.
/queue simple
add max-limit=2M/2M name=queue1 target=192.168.85.0/24
Have you tried disabling the queue? Try it, suddenly it will stop cutting immediately.

Report
I
inogda_dobriy, 2015-11-20
@inogda_dobriy

in the properties of the l2mtu bridge it is 1598 and it is muted - that is, I can’t change it, I can only MTU, now this parameter 1500
WDS is configured only for WLAN1 it is now configured wds-default-bridge=bridge1-local wds-mode=dynamic is the default parameter to mine and how it can affect the speed on wired ports?
"wds-default-bridge=none wds-mode=disabled" in this line swears at the first equal - ERROR
yes, the limit is set on WLAN2, but since WLAN2 itself is a slave, it cannot cut traffic to the master in any way. moved queue to network 192.168.85.0/24 - nothing has changed. On WLAN2 - everything cuts correctly by 2/2 - there are no questions here.
What is a queue and how to disable it?

Similar questions
S
Sergey2015-01-18 15:36:31
What equipment can be used to correctly switch the client from an access point with a weaker signal? 7Reply
M
milssky2019-06-10 19:05:47
Because of what can be a wild ping on a laptop via wifi when the tablet is connected to the same network? 0Reply
Y
yiicoder2017-01-17 14:19:44
Which router to choose with Wifi-802.11ac? 1Reply
A
allaga2019-06-16 08:36:34
How to make an open point with authorization by answer mat. tasks? 1Reply
E
Envywewok2019-06-20 13:40:44
Is it possible to use wi-fi from mikrotik instead of built-in wi-fi? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question