Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Mikrotik Chateau 5G / Unable to hold N3/N78 bands RG502Q-EA
It's possibly an ex O2 SIM or a newer Three SIM where the 3internet APN no longer works. It looks like it took the command based on what you mentioned, but more likely the SIM.

The only other suggestion I have is to try swapping the SIMs between the Chateau 5G and the LHG.

Otherwise you can mention to MikroTik that your ISP has a Carrier Grade NAT IP and ask if there is any other suggestion they have for remote access.
Yeah I tried my partners Three SIM in the LHG and it gave me a public IP, but the blank SIM I had for the LHG doesn't work at all. Shame after wasting 20 to top it up Cry going to need another three sim I think ,going to get a prepay broadband one today to be  safe/sure I can get a public IP. Gonna be another 30 euro ,expensive testing Big Grin

Update on prepay sim , it's also a private IP , I suppose I'll have to ask three to give me a public one on their end , if possible even, frustrating stuff. I should have just asked for a normal phone SIM but they seem to be giving out the blank sim's still. not the one with the Three logo on it, prepay one is also blank.

Wonder will they do something like a LHG 5G? 

Some replies so far : 
Thank you for the supout file. I can see the logs for this moment now. It seems like 5G NSA only tires to connect if the LTE is anchored on B28 as in the previous supout files.

And while in contact with Three, 

They're asking me where exactly I was testing the 5G , so I gave them co-ordinates, they also asked if the A22 was tested in the same location , maybe they'll do something?
There wasnt a dst nat option in the chain section but I tried typing it ,, also when I do step 13 there is no dst nat option , only dst to address and it doesnt let me select the port

look here:
That's a pain that the prepay broadband SIM also gets a private IP.  Hopefully they can give you a public IP.  As I've heard they can do this for bill pay SIMs, they should be able to do this for a prepay broadband SIM, especially considering the premium they charge.  Had you  got a phone SIM, you could have put it in your Chateau 5G and placed its SIM that gets a public IP into the LHG.  It is only the LHG that needs the public IP address for the port forwarding.

The steps I wrote are with me doing this via Winbox.  Steps 13-16 are for this screen:

As the Winbox and web menu layouts are different, I mainly use Winbox for configuration.  Winbox also works without an IP address when the Ethernet cable is attached to the MikroTik (e.g. with Bridge mode accidentally enabled), i.e. on the Winbox logon screen, go into the Neighbors tab, click Refresh and can connect from there.
It'll only let me do /24 at the end of the ip in the first steps, does it matter? , and what about the network IP below it,, , re trying it now via winbox
Sorry, that the /254 was a mistake, I corrected the earlier post now. it should be /24, i.e.

The below it is fine.
I had the same idea with the SIM, but I'd need a 5G add-on for it to work so they can test it. Is there a way to get the 5G add on on the prepay sim?
Unfortunately, Three does not appear to offer 5G on its prepay broadband, Then again, the 30GB allowance wouldn't go far if it had 5G access.

You mentioned earlier that you did a €20 to a SIM that was in the LHG, If that was a phone SIM, try placing this in the Chateau 5G and buy the 5G add-on. If the SIM is totally dead (e.g. expired), you can try contacting Three support that you tried topping up your prepay SIM and that it is not working in your phone.
Another thing I noticed, on the  receipt it says rebranded , and in the LHG whenever I put in the prepay sim or the older blank sim , it shows roaming in a grey check mark , always.
When I put the Three sim from my router in , it doesnt. I'd say this is the issue. I've asked live chat but they were useless as usual so I've asked through the forum should get a reply tomorrow.  

That sim was the older and also rebranded one I was talking about, wonder will that work, how do I even try doing it again ? Big Grin  

 according to the forum they do offer public dynamic IP's for broadband sims  so maybe they will . Otherwise I'm not sure what I'd need to do.
Was a good idea with doing 5G add on on the o2 sim , all good and working now, just need to configure the router and we'll see if I get it to work Big Grin
Btw, do I use the username and password of the router page for the login with that dns name? and can I test it using my own wifi conneciton or does it have to be seperate from the chateau itself
The O2 SIMs used "internet" as the APN, so if it gives connectivity issues with "3internet" or "", try "internet".  The O2 SIMs did have a public IP APN in the past "open.internet.public", however, I think O2 stopped issuing public IPs even before Three bought out O2. 

To test the port forwarding configuration, you'll need to connect via a different network completely (e.g. via Eir SIM), using the DNS name and your router's username and password.
would a 48 sim work or does it have to be something like eir? I tried to there but connection refused so far Cry using 3g on my phone.
An update: pinging the DNS name gives me the IP of the LHG so does that mean it's working?
You would need to test from another network, such as Eir, Vodafone, DSL or Fibre connection, etc. using Winbox or the MikroTik App. From what I have heard, Three to Three does not work and likely the same with 48 as they operate within the Three network.

Pinging the DNS just confirms the DDNS part is working by pointing to your current public IP address.

As the Chateau 5G may treat this access as WAN (as the connection originates from the Internet even though it's from the LAN side), I suggest performing the following steps on your Chateau 5G using Winbox:
  • Go into the IP menu -> Firewall, then click the 'Filter rules' tab.
  • Click the '+' to add a new rule
  • In the Chain dropdown, choose 'input'
  • In the Protocol dropdown, choose 'TCP'
  • In the DST port, enter 8291
  • Go into the Action tab
  • For the Action dropdown, choose 'accept'
  • Click 'Comment', then enter 'Winbox remote'.
  • Click 'OK', then 'OK' again.
  • Drag & drop this new rule above the 'defconf drop invalid' line.
  • Repeat steps 2 to 10, but enter 22 for step 6 and 'SSH remote' for step 8.
  • Repeat steps 2 to 10, but enter 9000 for step 6 and 'Debug remote' for step 8.

When MikroTik support no longer needs remote access, I recommend deleting these firewall rules afterwards. Do not perform these steps on your LHG, otherwise these will break the port forwarding rules on the LHG.
I did this on the chateau 5G , does this look ok? Havent gotten a reply today yet from mikrotik.
The IP still private on the re-branded SIM despite changes, I've asked to see if they can do anything else. 
I'll go over and try connect to my router now via eir sim. 
There's a small bit of data in the firewall tab , 160b on the port rules I added, if that means anything Tongue

[Image: g86NSBp.png]
That all looks fine to me. Hopefully you'll be able to make a connection via the Eir SIM.
I assume I just open up mikrotik app and put the DNS in the address, along with admin + password of the LHG ? It kept refusing on the eir sim too Cry
That should be all you need to connect from the MikroTik App.

Unfortunately, I cannot think of anything else to try at the moment. Back when I provided MikroTik support with remote access, I did the port forwarding from my Huawei B525 router, which had the Three SIM with the public IP. The steps I provided above are from searching their forum and the web for guides, so it's possible there may be a firewall or NAT rule missing or that changed in a more recent Router OS version.
I re-did it again ... this is from the LHG
[Image: 0yu1Zpn.png]

I assume they dont need to be dragged above like the chateau rules were so I left them. disabled DHCP by hitting x and plugged it into chateau. Going to give it another go.

Update: still saying connection refused Cry still no reply from them anyway
The above screenshot appears fine. I also tried doing a test port forward on my Chateau to a set-top box and was able to access it from my 48 connection, so it appears connecting from 48 is possible.

As I have two Chateau routers (LTE12 and 5G), I'm going to try doing a similar setup here between the two to see if I can get Winbox to connect through to the second router via port forwarding on the main router.
I wonder if the LHG is the issue, it's a shame this LTE12 is bricked, can't seem to get it to work no matter what I do , ethernet shows up as un identified periodically but keeps re-appearing and disappearing, fairly sure its broke.

Let me know how it goes , maybe I'm doing something wrong , ill try it a 3rd time Big Grin

Forum Jump:

Users browsing this thread: 1 Guest(s)