First let me say I am new to routerOS. Here is my setup. I have a 493Ah router, I have eth1 set for my outside public address(24.214.202.118), and my isp hands me another subnet(69.73.91.17-30) pointed to the outside address. I have configured a bridge of ports eth2-4, and have assigned eth2 69.73.91.17.All that works fine. I have an IP3 authentication gateway(69.73.91.19 public side and 10.0.0.0/8 on the internal side of the IP3) plugged into eth2. The IP3 does nat and authenticates my end users. I have a link from eth3 to my internal network(cisco 2950 switch just layer 2) for my business customers who have their own routers with static 69.73.91.x addresses point to 69.73.91.17 gw. Here is my issue: when I plug this in, I get arp entries for my internal users that show up as the outside mac address of my IP3, when they should be arping the internal 10.x.x.x address of the IP3. I was plugged directly into the cisco and could not ping the cisco, as I was getting the mac of the outside interface of the ip3. If I did an arp -d , I could get 1 ping and then request time outs. My switches show no loops or stp errors. Anyone have any ideas? I know the ip3 is the issue, and that is why I am putting in the mikrotik, to migrate off the ip3. Thanks for any suggestions anyone may have. My thoughts are to vlan off the business sites. Maybe someone can share how to configure vlan on mikrotik to a cisco, or what I would need mikrotik wise at the customer side to be a vlan switch. Is it just 802.1q tagging???
Let me ask this also, can I have 2 eth ports on the same subnet on the mikrotik, ie 69.73.91.17 say on eth4 and 69.73.91.18 on eth5? That way I could hang the ip3 on eth4 and my businesses on eth5(with a vlan).

Thanks for any help on this..

Alan Long