Community discussions

MikroTik App
  4. RouterOS
  5. Scripting

Help needed - Routing to connected networks doesn't work!

Post Reply
 
DRep
newbie
Topic Author
Posts: 40
Joined: Sun Jan 27, 2013 2:41 am

Help needed - Routing to connected networks doesn't work!

Sat Dec 21, 2013 9:12 pm

I have a RB1200 with some connected networks like 10.10.4.0, 10.10.3.0 and 10.10.2.0 and some more.
All devices I do see in the ARP section.
I have from all devices access to WAN, which are on 2 different networks (10.0.0.0 and 10.9.9.0).
I'm using the WAN Load Balancer of Zaib (http://aacable.wordpress.com/2011/07/27 ... t-by-zaib/).
All works fine!

The only limitation I have is that I can not access devices from 10.10.4.0 out of the 10.10.2.0 Network or in any other combination.
I guess it is based on the prerouting used by the Load Balancing script.

Can anybody help me and tell me how to overcome that situation? I need to access the devices from one to the other network.
Do I need to add additional mangle rules? If yes How would they look like?
Or do I need any other configuration?

Thank you for your help.
Top
 
efaden
Forum Guru
Forum Guru
Posts: 1708
Joined: Sat Mar 30, 2013 1:55 am
Location: New York, USA

Re: Help needed - Routing to connected networks doesn't work

Sat Dec 21, 2013 10:26 pm

I have a RB1200 with some connected networks like 10.10.4.0, 10.10.3.0 and 10.10.2.0 and some more.
All devices I do see in the ARP section.
I have from all devices access to WAN, which are on 2 different networks (10.0.0.0 and 10.9.9.0).
I'm using the WAN Load Balancer of Zaib (http://aacable.wordpress.com/2011/07/27 ... t-by-zaib/).
All works fine!

The only limitation I have is that I can not access devices from 10.10.4.0 out of the 10.10.2.0 Network or in any other combination.
I guess it is based on the prerouting used by the Load Balancing script.

Can anybody help me and tell me how to overcome that situation? I need to access the devices from one to the other network.
Do I need to add additional mangle rules? If yes How would they look like?
Or do I need any other configuration?

Thank you for your help.

Post your config (export) and routing table. I'm not familiar with his PCC method, but I'll look at the config.
Top
 
DRep
newbie
Topic Author
Posts: 40
Joined: Sun Jan 27, 2013 2:41 am

Re: Help needed - Routing to connected networks doesn't work

Sat Dec 21, 2013 10:55 pm

here are the relevant parts:
Code: Select all
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
 tcp-close-wait-timeout=10s tcp-established-timeout=1d tcp-fin-wait-timeout=\
 10s tcp-last-ack-timeout=10s tcp-syn-received-timeout=5s \
 tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s \
 udp-stream-timeout=3m udp-timeout=10s
/ip firewall mangle
add action=mark-connection chain=input disabled=no in-interface=WAN1 \
 new-connection-mark=WAN1_conn passthrough=yes
add action=mark-connection chain=input disabled=no in-interface=WAN2 \
 new-connection-mark=WAN2_conn passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1_conn disabled=no \
 new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2_conn disabled=no \
 new-routing-mark=to_WAN2 passthrough=yes
add action=accept chain=prerouting disabled=no dst-address=10.0.0.0/24
add action=accept chain=prerouting disabled=no dst-address=10.9.9.0/24
add action=mark-connection chain=prerouting disabled=no dst-address-type=!local \
 new-connection-mark=WAN1_conn passthrough=yes per-connection-classifier=\
 both-addresses-and-ports:2/0
add action=mark-connection chain=prerouting disabled=no dst-address-type=!local \
 new-connection-mark=WAN2_conn passthrough=yes per-connection-classifier=\
 both-addresses-and-ports:2/1
add action=mark-routing chain=prerouting connection-mark=WAN1_conn disabled=no \
 new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2_conn disabled=no \
 new-routing-mark=to_WAN2 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=WAN1
add action=masquerade chain=srcnat disabled=no out-interface=WAN2
/

I'm using v5.11 and not sure how to post the Routing table here.
Top
 
DRep
newbie
Topic Author
Posts: 40
Joined: Sun Jan 27, 2013 2:41 am

Re: Help needed - Routing to connected networks doesn't work

Wed Dec 25, 2013 2:55 pm

Any hint for me please!
:?:
I know it is a bad time, but anyone who can help these days?
Top
 
DRep
newbie
Topic Author
Posts: 40
Joined: Sun Jan 27, 2013 2:41 am

Re: Help needed - Routing to connected networks doesn't work

Sun Dec 29, 2013 8:15 pm

:?:
Top
 
User avatar
c0d3rSh3ll
Long time Member
Long time Member
Posts: 557
Joined: Mon Jul 25, 2011 9:42 pm
Location: [admin@Chile] >

Re: Help needed - Routing to connected networks doesn't work

Sun Dec 29, 2013 9:12 pm

Add a mangle rule for all your internal network with accept action like this

add chain=prerouting dst-addres=yourNetwork action=accept

Put it in the top of your rules.


Send from my mobile phone using Tapatalk.
Top
 
DRep
newbie
Topic Author
Posts: 40
Joined: Sun Jan 27, 2013 2:41 am

Re: Help needed - Routing to connected networks doesn't work

Tue Dec 31, 2013 4:21 pm

Thank you,
that solved the Problem.
Top
Post Reply

Who is online

Users browsing this forum: DenSyo77 and 8 guests
  4. RouterOS
  5. Scripting