tag:blogger.com,1999:blog-1630534171443998118.post29062950305237408..comments2023-03-09T09:06:17.683+00:00Comments on ctrl-alt-del.cc: Mikrotik + Pi Zero + Pi-hole = advertising sinkhole with fail-safeTomasz Miklashttp://www.blogger.com/profile/00221642679288385721noreply@blogger.comBlogger26125tag:blogger.com,1999:blog-1630534171443998118.post-13243006711263787672022-02-10T07:01:35.465+00:002022-02-10T07:01:35.465+00:00First question - can you ping from your computer t...First question - can you ping from your computer the IP address of the RPi. Start with basics, then go to ssh if ping works. If ping doesn't work then you need to find out why.Tomasz Miklashttps://www.blogger.com/profile/00221642679288385721noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-26626048408629900092022-02-09T23:11:58.755+00:002022-02-09T23:11:58.755+00:00Hi, I use the same device, LTE came but I cannot p...Hi, I use the same device, LTE came but I cannot provide access. SSH file added but I can't see the Putty Denger.Firathttps://www.blogger.com/profile/14116070552111367088noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-31339359527519582662022-02-09T23:09:54.072+00:002022-02-09T23:09:54.072+00:00This comment has been removed by the author.Firathttps://www.blogger.com/profile/14116070552111367088noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-17438437715453011212021-08-02T07:41:56.451+01:002021-08-02T07:41:56.451+01:00I don't have a specific rule for this... I use...I don't have a specific rule for this... I use default<br /><br />/ip firewall add action=masquerade chain=srcnat comment="defconf: masquerade" out-interface=ether1-WAN<br /><br />Besides that it is important to tell RPi that default gateway and route is via the IP address of Mikrotik, the one assigned to lte1 interface. This should sort it out...Tomasz Miklashttps://www.blogger.com/profile/00221642679288385721noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-85372127378984881712021-07-25T02:08:09.558+01:002021-07-25T02:08:09.558+01:00Thanks for this guide. I am having an issue once i...Thanks for this guide. I am having an issue once i connect to the pi, the device does not resolve anything. I can ssh into the pi from my lan and the pi is able to access the internet. what does your masquerade rule look like?Jr33https://www.blogger.com/profile/04487099680239051432noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-9872859464177819322021-03-23T18:48:44.400+00:002021-03-23T18:48:44.400+00:00This comment has been removed by the author.Tomihttps://www.blogger.com/profile/13024550196058275428noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-22970494087873398462021-03-23T18:41:39.532+00:002021-03-23T18:41:39.532+00:00Do you have the LTE package installed on the route...Do you have the LTE package installed on the router? Check in system packages, you might have to download it in "all packages" RouterOS version for your OS version.<br />If that doesn't help, try System/Ports/Firmware, uncheck "Ignore-DirectIP-Modem".Tomihttps://www.blogger.com/profile/13024550196058275428noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-10323324746341089242021-03-23T14:38:47.945+00:002021-03-23T14:38:47.945+00:00same for me - it appears in windows as com port, n...same for me - it appears in windows as com port, not network thingy<br />so one must install pi-hole at first, and them make rpi to be a ltedimkin.euhttps://www.blogger.com/profile/13953960605455849399noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-14336939120507028232021-02-21T21:03:05.436+00:002021-02-21T21:03:05.436+00:00I think I did, I am able to connect to it via the ...I think I did, I am able to connect to it via the PC. Created NAT trough the PC, installed pihole. Can it be something related to the model of router or the raspbian version? Also, are you connecting additional power to the raspberry or just a single cable from the router to the usb port? Един Робhttps://www.blogger.com/profile/15087864818000846435noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-70395233351245609832021-02-20T20:23:22.928+00:002021-02-20T20:23:22.928+00:00If you configured Pi Zero correctly (as ethernet w...If you configured Pi Zero correctly (as ethernet widget - g_ether above) then it should come up as LTE interface and speak IP protocol. Works ok on 'long term' routeros channelTomasz Miklashttps://www.blogger.com/profile/00221642679288385721noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-675682823722789362021-02-20T19:57:06.324+00:002021-02-20T19:57:06.324+00:00Hi, thanks for this tutorial. I followed and was a...Hi, thanks for this tutorial. I followed and was able to perform all the steps but my routerboard RB951G-2HnD doesn't recognize the pi zero. Any clues what can help?Един Робhttps://www.blogger.com/profile/15087864818000846435noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-83160297848151170852020-09-15T19:31:09.605+01:002020-09-15T19:31:09.605+01:00Do you have SSH start at boot? If you can ping ras...Do you have SSH start at boot? If you can ping raspberry pi, then you need to turn on ssh.<br />Is that pi zero or pi zero w with wifi?Tomasz Miklashttps://www.blogger.com/profile/00221642679288385721noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-48427367820110981642020-09-15T11:30:56.390+01:002020-09-15T11:30:56.390+01:00hi good day! I have done the steps above. But ever...hi good day! I have done the steps above. But every time I implement "options g_ether idVendor=0x05ac idProduct=0x1402 iProduct=Pi0 iManufacturer=Raspberry". I cannot ssh to pi Zero when reboot/dc to session.Anonymoushttps://www.blogger.com/profile/16072598704795395555noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-84171159711621899982020-06-22T12:02:35.674+01:002020-06-22T12:02:35.674+01:00True, very true... I guess I didn't mention th...True, very true... I guess I didn't mention that because I assumed we already have that in place...Tomasz Miklashttps://www.blogger.com/profile/00221642679288385721noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-28582980408272910702020-06-22T11:49:49.516+01:002020-06-22T11:49:49.516+01:00This is brilliant thank you.
Just using it for t...This is brilliant thank you. <br /><br />Just using it for the second time after my first PiHole SDCard was corrupted by an unexpected power outage. <br /><br />One thing to add, when editing files in step 2 - I needed to add a blank file called "SSH" (no file extension) to the boot partition to get SSH to be automatically enabled. Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-58514156559874277872020-06-05T10:24:20.797+01:002020-06-05T10:24:20.797+01:00I did it. My gateway on RPI has to be the same as ...I did it. My gateway on RPI has to be the same as the LTE device in mikrotik (range out of the mikrotik address). So my RPI (pihole) is 8.2, gateway is 8.1, and LTE mikrotik device is 8.1. LAN range is 88.0, DNS now is 8.2.Anonymoushttps://www.blogger.com/profile/15014549749862059716noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-1848973869673809672020-06-05T08:22:55.386+01:002020-06-05T08:22:55.386+01:00Thx. Got it working. I can access now my LTE(Pihol...Thx. Got it working. I can access now my LTE(Pihole) over network and get to pihole. My pihole address is 192.168.8.2, when I set that as my DNS in mikrotik I get no internet. <br /><br />In mikrotik NAT I "masquarade LTE1 device". What else shuld I do so my DNS gets me out ot internetAnonymoushttps://www.blogger.com/profile/15014549749862059716noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-26436761915662315552020-06-04T23:26:31.737+01:002020-06-04T23:26:31.737+01:00You need effectively 3 subnets - one for WAN link,...You need effectively 3 subnets - one for WAN link, different one for LAN and yet another (different from the other two) for LTE1 and raspberry pi. <br /><br />If your WAN and LTE1 networks are identical, system won't know which interface to use to reach internet. At best it will work intermittently, at worst (and most likely) not at all.Tomasz Miklashttps://www.blogger.com/profile/00221642679288385721noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-81852486744869324172020-06-04T22:39:19.327+01:002020-06-04T22:39:19.327+01:00Ah. Maybe try setting another subnet, different fr...Ah. Maybe try setting another subnet, different from LAN. I have set 192.168.53.1/24 for LTE1 (Pi has 192.168.53.53) and home/guest/mgmt are on 192.168.5.0/20.0/0.0 subnets.<br />I think that's the issue.andrewskiphttps://www.blogger.com/profile/15017346156705630180noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-32298692090451542712020-06-04T19:32:48.963+01:002020-06-04T19:32:48.963+01:00I put adress 192.168.88.150/24 for LTE1 device. Th...I put adress 192.168.88.150/24 for LTE1 device. Then loose internet.<br /><br />What should I do after that. After that I cant seem to get it all right.<br /><br />Thank youAnonymoushttps://www.blogger.com/profile/15014549749862059716noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-11355574421841742932020-06-04T19:23:39.026+01:002020-06-04T19:23:39.026+01:00To add IP address to an interface, go to IP/Addres...To add IP address to an interface, go to IP/Addresses and hit "+".andrewskiphttps://www.blogger.com/profile/15017346156705630180noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-26231759023150617212020-06-04T19:15:18.160+01:002020-06-04T19:15:18.160+01:00I did the pihole install. My mikrotik range is 192...I did the pihole install. My mikrotik range is 192.168.88.0, and I put my Pihole address to 192.168.88.150, getaway 192.168.88.1 (like mikrotik)<br />And now, how can I add address to my LTE1 interface ?Anonymoushttps://www.blogger.com/profile/15014549749862059716noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-21472937764853566632020-06-04T16:55:58.699+01:002020-06-04T16:55:58.699+01:00Hi, I am stuck at this point:
6. Configure network...Hi, I am stuck at this point:<br />6. Configure network access on the PC to allow RPi to reach the Internet - NAT or something<br /><br />And in step 4. After all boots up, you should be able to run ssh pi@raspberrypi.local (thanks mDNS!) with password raspberry<br /><br />I had to make SSH file on SD card (boot) to enable SSH, just a hint. (name ssh without extensions)<br /><br />Can I do that step when insert RPI to mikrotik, and how to change LTE adress in mikrotik? ThanksAnonymoushttps://www.blogger.com/profile/15014549749862059716noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-42506793908654408052020-04-06T20:52:33.364+01:002020-04-06T20:52:33.364+01:00Right, just figured out that I made a mistake in P...Right, just figured out that I made a mistake in Pi's IP address in firewall. Works great, thx!andrewskiphttps://www.blogger.com/profile/15017346156705630180noreply@blogger.comtag:blogger.com,1999:blog-1630534171443998118.post-66108501496064178412020-04-06T20:35:11.217+01:002020-04-06T20:35:11.217+01:00To recap:
- Pi and LTE1 interface are in the same ...To recap:<br />- Pi and LTE1 interface are in the same network subnet<br />- On the Pi (.53.53), the default gateway is set to .53.1<br />- The subnet used by Pi is different than your usual LAN<br />- You use NAT or MASQUERADE based on egress interface, not specific IP subnets - if you have by source subnet, then you need additional rule<br /><br />I have it set up like this and it works great. Have a try, especially make sure your Pi has LTE1 IP as default gateway and that NAT/MASQUERADE is set up correctly.Tomasz Miklashttps://www.blogger.com/profile/00221642679288385721noreply@blogger.com