Отсутствует интернет в гостевой сети

[mafijs]

/interface bridge port
add bridge=bridge2 hw=no interface=ether1
add bridge=bridge2 interface=wlan1
/interface wireless cap
#
set bridge=bridge2 discovery-interfaces=bridge2 enabled=yes interfaces=wlan1,wlan2
/ip address
add address=172.16.2.100/22 interface=bridge2 network=172.16.2.0
add address=172.26.26.1/24 interface=bridge-guest network=172.26.26.0
/ip dhcp-client
add dhcp-options=hostname,clientid interface=bridge-guest

Удивляюсь, как тут вообще что нибудь работает.

ether1 смотрит в сторону провайдера?

[pasol]

в итоге позавчера все заработало)

Erik_U, спасибо большое за терпение и понимание!!! С наступающим!!

[pasol]

вот итоговая конфигурация

 

/caps-man channel
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled \
frequency=2437 name=channel-2-6 tx-power=10
add band=5ghz-a/n/ac control-channel-width=20mhz extension-channel=Ce \
frequency=5200 name=channel-5-40 tx-power=20
add band=2ghz-b/g/n control-channel-width=20mhz extension-channel=disabled \
frequency=2462 name=channel-2-11 tx-power=15
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled \
frequency=2412 name=channel-2-1 tx-power=20
/interface bridge
add name=bridge-guest
add name=bridge2
/interface wireless
# managed by CAPsMAN
# channel: 2412/20/gn(20dBm), SSID: MCS, local forwarding
set [ find default-name=wlan1 ] disabled=no ssid=MikroTik
# managed by CAPsMAN
# channel: 5200/20-Ce/ac/P(20dBm), SSID: MCS, local forwarding
set [ find default-name=wlan2 ] disabled=no ssid=MikroTik
/interface ethernet
set [ find default-name=ether1 ] speed=100Mbps
/caps-man datapath
add bridge=bridge2 client-to-client-forwarding=yes local-forwarding=yes name=\
datapath1
add bridge=bridge-guest client-to-client-forwarding=no local-forwarding=no \
name=datapath_guest
/caps-man security
add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm \
name=security1 passphrase=1234567890
add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm \
name=security_guest passphrase=1234567890
/caps-man configuration
add channel=channel-5-40 country=russia3 datapath=datapath1 mode=ap name=\
cfg-mcs-5 rx-chains=0,1,2 security=security1 ssid=MCS tx-chains=0,1,2
add channel=channel-2-11 country=russia3 datapath=datapath1 mode=ap name=cfg-2 \
rx-chains=0,1,2 security=security1 ssid=MCS-2.4G tx-chains=0,1,2
add channel=channel-2-1 country=russia3 datapath=datapath_guest mode=ap name=\
cfg_guest rx-chains=0,1,2 security=security_guest ssid=MCS-public \
tx-chains=0,1,2
add channel=channel-2-1 country=russia3 datapath=datapath1 mode=ap name=\
cfg-mcs-2 rx-chains=0,1,2 security=security1 ssid=MCS tx-chains=0,1,2
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=pool_guest ranges=172.26.26.10-172.26.26.254
/ip dhcp-server
add add-arp=yes address-pool=pool_guest disabled=no interface=bridge-guest \
lease-time=1d name=dhcp1
/queue simple
add max-limit=30M/30M name=wifi-guest target=bridge-guest
/caps-man access-list
add action=reject allow-signal-out-of-range=10s disabled=no signal-range=\
-120..-80 ssid-regexp=""
/caps-man manager
set enabled=yes
/caps-man provisioning
add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
cfg-mcs-2 name-format=prefix-identity name-prefix=2G slave-configurations=\
cfg-2,cfg_guest
add action=create-dynamic-enabled hw-supported-modes=ac,an \
master-configuration=cfg-mcs-5 name-format=prefix-identity name-prefix=5G
/interface bridge port
add bridge=bridge2 hw=no interface=ether1
add bridge=bridge2 interface=wlan1
/interface wireless cap
#
set bridge=bridge2 discovery-interfaces=bridge2 enabled=yes interfaces=\
wlan1,wlan2
/ip address
add address=172.16.2.100/22 interface=bridge2 network=172.16.2.0
add address=172.26.26.1/24 interface=bridge-guest network=172.26.26.0
/ip dhcp-client
add dhcp-options=hostname,clientid interface=bridge-guest
/ip dhcp-server network
add address=172.26.26.0/24 dns-server=8.8.8.8 gateway=172.26.26.1
/ip firewall filter
add action=accept chain=input src-address=127.0.0.1
add action=accept chain=input dst-port=5246,5247 protocol=udp src-address=\
127.0.0.1
add action=accept chain=forward
add action=accept chain=input
add action=accept chain=output
/ip firewall nat
add action=masquerade chain=srcnat out-interface=bridge2
/ip route
add distance=1 gateway=172.16.0.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www address=172.16.0.0/24
set ssh disabled=yes
set winbox address=172.16.0.0/24
/system clock
set time-zone-name=Europe/Moscow
/system identity
set name="MikroTik (office)"
/system logging
add topics=caps
/system ntp client
set enabled=yes primary-ntp=89.109.251.21 secondary-ntp=80.249.145.122

после праздников уже разберусь с файерволом и ограничением скорости