인터넷 --- 1차 mikrotik --- 2차 mikrotik AP (bridge모드)
DNS가 1차 mikrotik에 있으며, 2차는 따로 설정해주지 않았습니다. AP에 붙는 클라이언트는 주소입력에 문제가 없는데
AP는 DNS에서 읽어오질 못해서 펌웨어 업데이트가 안되네요. 어떤 식으로 설정을 해야 좋을까요?
추가 : 1차 밑에 브릿지모드로 붙은 AP에서 밖으로 핑 쏴도 안갑니다. 예를들면 8.8.8.8로 쏴도 timeout이네요.
icmp열어준 것 같은데 안되서 설정을 올려봅니다.
해결 : 2차 AP에서 DHCP client 설정, 그 외 잡설정 다 지우니 해결되었습니다.
ping은 외부 및 1차 측에서 따로 설정해둔 원격지의 VPN터널 내부 IP로도 잘 오갑니다.
[admin@RBcAP2n] > export
/interface bridge
add name=bridge1
/interface ethernet
set [ find default-name=ether1 ] advertise=\
10M-half,10M-full,100M-half,100M-full
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-eap eap-methods="" \
management-protection=allowed supplicant-identity= tls-mode=\
verify-certificate wpa2-pre-shared-key=
add authentication-types=wpa2-psk eap-methods="" management-protection=\
allowed mode=dynamic-keys name=wpa2pskaes supplicant-identity="" \
wpa2-pre-shared-key=
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-onlyn channel-width=20/40mhz-Ce \
dfs-mode=no-radar-detect disabled=no distance=indoors frequency=2437 \
hide-ssid=yes l2mtu=1600 mode=ap-bridge mtu=1454 security-profile=\
wpa2pskaes ssid= tdma-period-size=auto tx-power=-30 \
tx-power-mode=all-rates-fixed wireless-protocol=unspecified wmm-support=\
enabled
/ip pool
add name=pool1 ranges=192.168.88.80-192.168.88.99
/ipv6 pool
add name=pool1 prefix=::/64 prefix-length=64
/system logging action
set 2 remember=yes
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=wlan1
/ip address
add address=192.168.88.2/24 interface=ether1 network=192.168.88.0
add address=192.168.88.3/24 interface=wlan1 network=192.168.88.0
add address=192.168.88.2/24 interface=bridge1 network=192.168.88.0
/ip dhcp-client
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no \
interface=bridge1
/ip dhcp-server network
add address=192.168.88.0/24 dns-server=192.168.88.1 gateway=192.168.88.1 \
netmask=24
/ip dns static
add address=192.168.88.1 name=RB450G
add address=8.8.8.8 name="Google Public DNS"
/ip firewall filter
add chain=input protocol=icmp
add chain=input connection-state=established
add chain=input connection-state=related
/ip firewall mangle
add chain=output dst-address=192.168.88.0/24
/ip firewall nat
add chain=srcnat protocol=icmp
add chain=dstnat protocol=icmp
add chain=srcnat protocol=igmp
add chain=dstnat protocol=igmp
/ip route
add distance=1 gateway=bridge1,wlan1,ether1
add distance=1 dst-address=192.168.0.254/32 gateway=bridge1,wlan1 scope=255
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
450ÀÌ ¸ÞÀÎ ±×¾Æ·¡ mAP°¡ ap¿ªÇÒÀ̶ó¸é ´Ù¸¥ ´ë¿ªÀ» »ç¿ëÇϽô ÀÌÀ¯´Â ¹«¾ùÀΰ¡¿ä?
450ÀÇ Æ÷Æ®°¡ 192.168.0.0/24 ´ë¿ªÀΰŠ°°´øµ¥.. ±×³É ±×´ë¿ªÀ» »ç¿ëÇÏ½Ã¸é ¾ÈµÉ ÀÌÀ¯¶óµµ ÀÖ³ª¿ä?
450Àº ±×´ë·Î µÎ°í..
mAP´Â ¸ðµç ¼³Á¤ Áö¿ì°í, wlan º¸¾È ¼³Á¤¸¸ ÇÏ°í..
ºê¸´ÁöÇϳª ¸¸µé°í ether1,wlan1 ºê¸´Áö¿¡ Ãß°¡ÇÏ°í dhcp-client ·Î ºê¸´Áö Ãß°¡Çϱ⸸ ÇÏ¸é µÉµíÇѵ¥¿ä.
ÇöÀçµµ ¸»¾¸´ë·Î 450°ú °°Àº ´ë¿ªÀ¸·Î ¾²°í ÀÖÀ¸¸ç, ³¯¸®°í ´Ù½ÃÇѹø ÇغÁ¾ß °Ú½À´Ï´Ù.