entranceAccess to my apple mikrotik setup. Mikrotik & Apple - Interoperability Issues
When using wireless networks from Mikrotik, including those built using technology CAPsMAN, you may encounter the problem of the interaction of these networks with equipment from Apple. These problems consist in the fact that the device either refuses to connect to the network at all, or connects, but some services do not work, such as Skype or torrent clients.
Solving the problem is quite simple, although not so obvious. I will describe the problem using the example of a network built using technology CAPsMAN, but the solution is similar for ordinary networks. It is written in detail about setting up a network using CAPsMAN technology.
First, let's deal with the regional connection settings. To do this, go to the menu section CAPsMAN, in the window that opens, select the tab Configurations, choose the one used in this moment configuration and double-click to open it.
Further on the tab Wireless find dropdown list Country. By default it has no_country_set and most devices in this mode work fine. But not Apple! For the correct operation of Apple equipment, we select the native one for them United States(there are several items with US settings in the list, and if the usual one does not work, then you can try to select others).
Click OK, then reboot the system through the menu item System -> Reboot. After that, Apple devices should work fine. If not, then we move on...
Open the CAPsMAN section again, go to the tab Channels, and make settings for the operating mode wireless network. As it turned out in practice, apple equipment also wants to work on the first channel ( 2412MHz). We configure this value, do a reboot and try to use it. In my case, one laptop refused to work like that, I had to turn off the operating mode N, leaving only B and G.
Also not superfluous on the tab Security cfg. check security settings. Authentication modes must be enabled WPA PSK and WPA2PSK, as well as encryption algorithms aes and tkip.
Mikrotik routers are bought when you need to achieve something more from the network infrastructure, for example, configure two dozen Firewall rules, enable DPI, share several Internet providers between clients, and in the same vein. I used the Mirkotik RB2011UIAS-2HND-IN model for more than 4 years, and at one point he got me so much that I hid it, as they say, “out of sight, out of mind!”.
In this article, I will give you 5 points that I personally encountered that you should be aware of before buying Mikrotik.
1. RouterOS updates may not be compatible with each other
The first thing I encountered was the impossibility of updating RouterOS from version 6.34.6 to version 6.42. The problem manifested itself in the fact that after the update NAT did not work, in any form, under any circumstances. Dancing with a tambourine, updates and rollbacks led to the fact that the router had to be completely reset to factory settings and roll version 6.42 from scratch, then NAT worked. But what to do with 40+ filtering rules that have remained in the past? It is impossible to restore the configuration from a backup without rolling back the firmware, so I had to remember where everything was written and manually enter it into the configuration.
For an SmB-class model, I consider such antics unacceptable.
2. Instability of the built-in switch
I decided to update RouterOS not because I was afraid of hackers who hacked Mirkotik around the world, but because periodically the copy speed from the NAS dropped from 1 Gb / s to 200 Mb / s. An attempt to increase the size of the Jumbo Frame caused the switch to hang and reboot the device. By the way, on version 6.42, the freezes disappeared, but the speed dips remained, even despite the fact that completely hardware switching was screwed there.
3. Incompatibility with the 1GBase-T standard
We are used to the fact that if two network devices support a 1-gigabit network connection, then they will work at a speed of 1 Gbps, but the Mikrotik router broke this paradigm. One autumn evening, I had to connect a computer with a 10-gigabit Intel X540-T2 network card to the RB2011UIAS - and the router did not see it, as if network cable dangled in the air. This situation interested me, and I connected another 10-gigabit computer with an Intel X557-T2 network card - the situation repeated itself.
Driven by the idea to get to the bottom of the truth, I connected a third 10-gigabit network card Intel X550-T2 - it worked as expected. Then I connected the 4th 10-gigabit Aquantia AQC107 network card (read) - and it worked at a speed of 100 Mbps.
All four 10-gigabit network cards support 1 Gb / s, but only one of them has earned. Continuing the experiments, I connected these network cards to the following switches and routers:
- NetGear GS-105
In all cases, even when the switches were connected to Mikrotik, all 10-gigabit network cards worked at 1 Gb / s. Here, without unnecessary movements, it became clear that the problem was in Mikrotik.
It so happened that I really need to connect a 2-port X557-T2 network card with one port to Mikrotik, and the second - to the host, and I really didn’t want to put a third-party switch in front of Mikrotik, and I contacted technical support. In general, if 4 devices from different companies on the 1GBase-T standard do not work for you, this is a problem of the “whistle everyone upstairs” level, and I was counting on a quick bug fix. Yep, ran away.
4. No technical support
I described the situation in as much detail as possible and created an appeal to Mikrotik's technical support (application number 2018112022003151). The site promises us an answer within 3 days, but no one answered either after 4 or 5. I started to be reminded, and about a week later, I was asked to send logs and a technical report (support.rif) from the router.
Having collected all the data, I sent them and ... the waiting hours turned into days, days into weeks, and weeks into months. In general, there is no answer to this day.
5. Brake DNS Cache
While I was dealing with poking network ports, resetting and restoring Mikrotik, I appointed Keenetic Giga responsible for the Internet, and the first thing I noticed was the speed of working with DNS requests. Keenetic opened sites faster than Mikrotik, and there was a feeling that it was the DNS cache that was slowing down the “business model”. Of course, Keenetic is newer and more powerful, but to confirm the fears, I connected the ancient NetGear WNDR4000 - the same story: I already forgot that sites can open so quickly, I didn’t even know that DNS could slow down. I returned Mikrotik and double-checked my feelings: Internet surfing was slower on it than on the old Netgear and the new Keenetic.
What's next?
I read a lot of reviews on forums where ordinary people they bought Mikrotik-and according to the recommendations of specialists, despaired of setting them up and handed them back. My Mikrotik, at the very least, worked for more than 4 years, and ended up on a minor note. To be honest, I did not expect such wild glitches, nor such a reaction from technical support.
Today's world is primarily software, free software that develops independently of hardware. As a replacement for Mikrotik, I chose PFsense.
Mikhail Degtyarev (aka LIKE OFF)
In this article, we will consider two options that can be used to connect routers to each other in the same network. The first option is to connect two routers via Wi-Fi, and the second option is to connect routers via a network cable. In any case, the routers will work on the same network, and each will distribute the Internet both via cable and via Wi-Fi.
Why set up such a scheme at all and why connect one router to another? There are different situations. Most often, this is an extension of the coverage area of a Wi-Fi network, although, for such tasks, I recommend using. Everything is very simple here. We have already installed and configured a router, or a modem that distributes the Internet. We connect a second router to this router, wirelessly, or using a network cable. By installing a second router in another room, or on another floor, it will distribute Wi-Fi further.
Or in this way you can connect the Internet from a neighbor. Pay for one connection, and divide it into two routers. In fact, there are a lot of options. And if you have already visited this page, then most likely you already know why you need to connect one router to the second. So let's get down to business.
Advice! If you want to configure such a scheme solely to expand an existing Wi-Fi network, then it is best to configure the router in repeater mode if it supports this function. Devices from Asus and Zyxel can do this, here are the instructions:
Two routers on the same network: connection options
There are two options:
- Connect routers via Wi-Fi network. In WDS mode, or bridge mode. This is the same. In this case, you can install them at a relatively large distance. Well, you don't need to run cables. But there are also disadvantages, the Wi-Fi connection is not very stable, the speed over the wireless network will also drop. If you can’t manage to use a cable to connect, then the option with wireless connection will suit you. Well, not every router supports WDS mode. (especially from older devices).
- The second option is to connect two routers with a network cable in the same network. The method is reliable, proven, but it is not always suitable due to the fact that you have to lay a cable, and the cable itself, as a rule, needs a long one and you either need to buy it or make it yourself. You can use the one that comes with the router, but it is short.
I think you have already chosen the connection method that suits you. Now let's look at them in more detail.
We connect two routers via Wi-Fi (in WDS mode)
We will consider the example of the most popular manufacturers: Asus, Tp-Link, Zyxel, and D-link.
So, you must have a main router that should distribute wifi network, to which we will connect the second. He can be anyone. In the sense that it is not necessary that these be, for example, two Tp-Link router (although desirable).
Do I need to change the settings of the main router? Yes. In the settings of the main router, you need to set the static channel of the wireless network. Otherwise, there may be problems with the connection. How to change the channel on different routers, I wrote. Set for example static channel 6. And remember it, we will still need it.
That's it, no other settings of the main device need to be changed.
Setting up a WDS connection on a Tp-Link router
By setting up such a scheme on Tp-Link, we have a separate, detailed instructions: . If you have Tp-Link (TL-WR740ND, TL-WR841N, TL-WR941ND, TL-MR3220, TL-WR842ND, etc.), you can safely follow the link.
Everything is very simple there: go to the settings, change the IP address of the router, and configure the WDS mode. I will not describe everything in detail here, since the link above has a very detailed instruction. We figured out Tp-Link, let's move on to models from other manufacturers.
Setting up bridge mode on an Asus router
I just sat for more than an hour, figured out what and how it was with the bridge mode on Asus routers, and I can say that they did everything very complicated and confusing there. As far as I understand, you can configure WDS on an Asus router only if your main router is also Asus. There, on both routers, you need to register MAC addresses, etc. Maybe I'm wrong, correct me (in the comments). Tested on Asus RT-N12, and RT-N18.
Here at Tp-Link without all these troubles everything works. I give a link to the setup instructions on the official Asus website: https://www.asus.com/ua/support/faq/109839 . And I will definitely deal with these settings, and prepare a separate article on setting up the bridge mode on Asus routers.
We need a simple network cable. For example, the one that came with the router. If you need a longer cable, then you can order it from some computer store, they should make the cable the length you need.
Nothing needs to be configured on the main router (modem). The main thing is that the DHCP server is enabled on it. Automatic distribution of IP addresses. It is most likely enabled by default.
I will show an example of connecting a Tp-Link router to D-Link (he is our main and black). So we take the cable, and on the main router we connect it to LAN connector (one of four if you have 4). And on the second router, connect the cable to WAN connector. See screenshot below. My routers are connected with a black cable. The white cable is the Internet that is connected to the main router.
It turns out that Tp-Link will receive the Internet from D-Link, and distribute it wirelessly, or via cable.
If after connecting, the Internet from the second router does not work, then first of all, and then check that in the settings of the router we are connecting, it was set automatic receipt IP addresses (Dynamic IP) . On Tp-Link, it's done like this:
On other routers, these settings are set in the control panel, on the WAN, Internet, etc. tab.
For example, here is another diagram for connecting two routers via cable: Tp-Link to Zyxel. In this case, we have the main Tp-Link. Internet is connected to it.
In exactly the same way, the router is connected to the ADSL modem.
Afterword
Everything that I wrote in this article, I myself checked, and everything works. I tried to prepare the most simple and understandable instructions. But, if something didn’t work out for you, then you can describe your case in the comments, I will try to advise something.
Well, share your experience. If it will be helpful information I will definitely update the article.