rubolf
just joined
Topic Author
Posts: 13
Joined: Wed Aug 02, 2017 8:32 am

Connecting subnet with 2 bridge help

Thu Feb 08, 2018 11:46 am

Hello Sir,

I want the networks 192.168.100.0/24 and 192.168.60.0/24 to see each other.

/interface bridge
add fast-forward=no name=LAN
add name=LAN2

0 interface=ether2-LAN bridge=LAN priority=0x80 path-cost=10 edge=auto point-to-point=auto external-fdb=auto horizon=none
auto-isolate=no
1 interface=ether3-LAN bridge=LAN priority=0x80 path-cost=10 edge=auto point-to-point=auto external-fdb=auto horizon=none
auto-isolate=no
2 interface=ether4-LAN bridge=LAN priority=0x80 path-cost=10 edge=auto point-to-point=auto external-fdb=auto horizon=none
auto-isolate=no
8 interface=ether9-LanTest bridge=LAN2 priority=0x80 path-cost=10 edge=auto point-to-point=auto external-fdb=auto horizon=none
auto-isolate=no

LAN2 can ping both gateways of the 100.0/24 and 60.0/24 networks, but the PCs cannot ping each other or open shared files.

Can you tell me what I am missing? Thanks!
 
cdiedrich
Forum Veteran
Posts: 997
Joined: Thu Feb 13, 2014 2:03 pm
Location: Basel, Switzerland // Bremen, Germany

Re: Connecting subnet with 2 bridge help

Thu Feb 08, 2018 12:33 pm

Post an export of your config:
/export compact hide-sensitive

-Chris
 
mkx
Forum Guru
Posts: 13348
Joined: Thu Mar 03, 2016 10:23 pm

Re: Connecting subnet with 2 bridge help

Thu Feb 08, 2018 8:28 pm

My guess is that it's not a bridge that you need to pass traffic between the two LANs but a router. If your Mikrotik device is default gateway for both networks, then it should work without any additional setup (actually you have to make an effort to prevent it from doing it if that's not wanted). If your device is not default gateway for any of them, you'll need to configure the default gateways to use your Mikrotik device as a gateway for this particular LAN exchange point. Also in this case it should be configured as router not as bridge.

Bridge can join two layer2 networks, for example two ethernet broadcast domains (such as different VLANs) or different physical technologies (such as wlan and ethernet), they can not join two layer3 networks (such as IP networks with non-overlapping IP address space which is your case).

Even if both IP networks would share common physical network connections (e.g. coaxial ethernet), a layer3 router would still be needed for interconnection ... even if the router would see both networks through same physical network interface.

Even after you get to the point where any ordinary PCs can ping each other in both LANs, you might have to fiddle with SMB, it has its own gotchas if PCs belong to different Windows domains and/or groups.
 
rubolf
just joined
Topic Author
Posts: 13
Joined: Wed Aug 02, 2017 8:32 am

Re: Connecting subnet with 2 bridge help

Fri Feb 09, 2018 2:48 am

Hi Chris thank you for replying

/ip dhcp-server network
add address=192.168.60.0/24 gateway=192.168.60.1
add address=192.168.90.0/24 comment="hotspot network" gateway=192.168.90.1
add address=192.168.100.0/24 gateway=192.168.100.1

/ip dns
set allow-remote-requests=yes servers=8.8.8.8

/ip firewall address-list
add address=192.168.90.100 list="allow webproxy"
add address=192.168.90.100 disabled=yes list="Socia Media-Accept"
add address=192.168.90.101 disabled=yes list="Social Media Drop"
add address=192.168.90.102 disabled=yes list="Social Media Drop"
add address=192.168.90.253 disabled=yes list=Streaming-Drop
add address=192.168.90.253 disabled=yes list="Socia Media-Accept"
add address=192.168.90.253 disabled=yes list=Streaming-Allow
add address=192.168.100.86-192.168.100.200 list="same comment"
add address=192.168.100.0/24 list=DelMonte
add address=192.168.80.0/24 list=Banawe
add address=10.0.0.0/30 comment="IP Radio" list="IP Radio"
add address=192.168.0.0/24 comment="IP Radio" disabled=yes list="IP Radio"
add address=192.168.90.150-192.168.90.200 comment="::For Hotspot ISP2" list=HotspotISP2
add address=192.168.90.2-192.168.90.149 comment=":HP ISP1" list=HP-ISP1
add address=10.0.0.2 list=Fail-over
add address=192.168.80.0/24 list=Fail-over
add address=192.168.60.0/24 list=Accounting
add address=192.168.60.3 list=ACCT

/ip firewall filter
add action=accept chain=forward comment="Social Media Allow" layer7-protocol="Social Media" src-address-list="Socia Media-Accept"
add action=drop chain=forward comment="Social Media Drop" layer7-protocol="Social Media" src-address-list="Social Media Drop"
add action=drop chain=forward comment="Social Media Drop" disabled=yes layer7-protocol="Social Media" src-address-list="Social Media Drop PLDT2"
add action=accept chain=forward comment=Streaming-Allow layer7-protocol=Streaming src-address-list=Streaming-allow
add action=drop chain=forward comment="Streaming Drop" layer7-protocol=Streaming src-address-list=Streaming-Drop
add action=accept chain=input disabled=yes in-interface=LAN protocol=icmp
add action=accept chain=forward dst-address-list=ACCT out-interface=LAN2
add action=drop chain=forward dst-address-list=Accounting out-interface=LAN2

/ip firewall mangle
add action=mark-routing chain=prerouting comment="Going to ISP2" new-routing-mark=Hospot_to_ISP2 passthrough=no src-address-list=HotspotISP2
add action=mark-routing chain=prerouting comment="Going to ISP1" new-routing-mark=Hospot_to_ISP1 passthrough=no src-address-list=HP-ISP1
add action=accept chain=prerouting disabled=yes dst-address-list="IP Radio" log=yes log-prefix=radio src-address-list=DelMonte
add action=accept chain=prerouting comment="Connected Networks" dst-address-list=DelMonte src-address-list="IP Radio"
add action=accept chain=prerouting comment="Connected Networks" dst-address-list="IP Radio" src-address-list=DelMonte
add action=accept chain=prerouting comment="Connected Networks" dst-address-list=Banawe src-address-list=DelMonte
add action=accept chain=prerouting comment="Connected Networks" dst-address-list=DelMonte src-address-list=Banawe
add action=mark-connection chain=input in-interface=ether6-WAN2 new-connection-mark=ether6-WAN2 passthrough=yes
add action=mark-routing chain=output connection-mark=ether6-WAN2_conn new-routing-mark=to_ether6-WAN2 passthrough=yes
add action=accept chain=prerouting dst-address=1**.**.**.0/24 in-interface=LAN
add action=mark-connection chain=prerouting dst-address-type=!local in-interface=LAN new-connection-mark=ether6-WAN2_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0
add action=mark-connection chain=input in-interface=ether1-WAN new-connection-mark=ether1-WAN passthrough=yes
add action=mark-routing chain=output connection-mark=ether1-WAN_conn new-routing-mark=to_ether1-WAN passthrough=yes
add action=accept chain=prerouting dst-address=192.168.10.0/24 in-interface=LAN
add action=mark-connection chain=prerouting dst-address-type=!local in-interface=LAN new-connection-mark=ether1-WAN_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1
add action=mark-routing chain=prerouting connection-mark=ether1-WAN_conn in-interface=LAN new-routing-mark=to_ether1-WAN passthrough=yes
add action=mark-routing chain=prerouting connection-mark=ether6-WAN2_conn in-interface=LAN new-routing-mark=to_ether6-WAN2 passthrough=yes
add action=mark-routing chain=prerouting new-routing-mark=to_ether6-WAN2 passthrough=yes src-address-list="same comment"
add action=mark-routing chain=prerouting connection-mark=ether6-WAN2_conn in-interface=LAN new-routing-mark=to_ether6-WAN2 passthrough=no
add action=mark-routing chain=prerouting connection-mark=ether1-WAN_conn in-interface=LAN new-routing-mark=to_ether1-WAN passthrough=no

/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1-WAN
add action=masquerade chain=srcnat out-interface=ether6-WAN2 to-addresses=192.168.100.160-192.168.100.170
add action=masquerade chain=srcnat out-interface=ether6-WAN2 src-address=192.168.100.0/24 src-address-list="same comment"
add action=masquerade chain=srcnat comment="Turn on to Failover NOW INTERNET" disabled=yes out-interface=ether6-WAN2 to-addresses=192.168.100.160-192.168.100.170
add action=masquerade chain=srcnat comment="masquerade hotspot network" src-address=192.168.90.0/24
add action=masquerade chain=srcnat comment="Fail Over NAT Banawe" disabled=yes out-interface=ether1-WAN src-address-list=Banawe
add action=masquerade chain=srcnat comment="Fail-over NAT" out-interface=ether6-WAN2 src-address-list=Fail-over

/ip route
add check-gateway=ping comment="For Hotspot to ISP2 main" distance=1 gateway=1**.**.**.** routing-mark=Hospot_to_ISP2
add check-gateway=ping comment="For Hotspot to ISP2 backup" distance=10 gateway=192.168.10.1 routing-mark=Hospot_to_ISP2
add check-gateway=ping comment="For Hotspot to ISP1 main" distance=1 gateway=192.168.10.1 routing-mark=Hospot_to_ISP1
add check-gateway=ping comment="For Hotspot to ISP1 Backup" distance=10 gateway=1**.**.**.** routing-mark=Hospot_to_ISP1
add check-gateway=ping distance=1 gateway=1**.**.**.** routing-mark=to_ether6-WAN2
add check-gateway=ping distance=1 gateway=192.168.10.1 routing-mark=to_ether1-WAN
add check-gateway=ping disabled=yes distance=1 gateway=192.168.10.1 routing-mark=to_ether1-WAN
add disabled=yes distance=1 gateway=192.168.10.1 routing-mark=to_
add check-gateway=ping distance=2 gateway=1**.**.**.**
add check-gateway=ping distance=10 gateway=10.0.0.2
add check-gateway=ping disabled=yes distance=2 gateway=192.168.10.1
add check-gateway=ping disabled=yes distance=1 gateway=192.168.10.1,1**.**.**.**,Hotspot
add disabled=yes distance=1 gateway=192.168.10.1
add check-gateway=ping distance=10 dst-address=192.168.80.0/24 gateway=10.0.0.2
add disabled=yes distance=1 dst-address=192.168.88.0/24 gateway=10.0.0.2

/interface bridge
add fast-forward=no name=Hotspot
add fast-forward=no name=LAN
add name=LAN2

/interface ethernet
set [ find default-name=ether1 ] comment="Connected to PLDT" name=ether1-WAN
set [ find default-name=ether2 ] name=ether2-LAN
set [ find default-name=ether3 ] name=ether3-LAN
set [ find default-name=ether4 ] name=ether4-LAN
set [ find default-name=ether5 ] advertise=100M-half,100M-full,1000M-half,1000M-full name=ether5-IPRadio
set [ find default-name=ether6 ] comment="Connected to NOW" name=ether6-WAN2
set [ find default-name=ether9 ] name=ether9-LanTest

/ip pool
add name=dhcp_pool3 ranges=192.168.100.201-192.168.100.254
add name=hs-pool-13 ranges=192.168.90.2-192.168.90.254
add name=dhcp_pool12 ranges=192.168.60.100-192.168.60.150

/ip dhcp-server
add address-pool=dhcp_pool3 authoritative=after-2sec-delay disabled=no interface=LAN lease-time=1d name=dhcp3
add address-pool=hs-pool-13 authoritative=after-2sec-delay disabled=no interface=Hotspot lease-time=1h name=dhcp1
add address-pool=dhcp_pool12 disabled=no interface=LAN2 name=dhcp2

/interface bridge port
add bridge=LAN interface=ether2-LAN
add bridge=LAN interface=ether3-LAN
add bridge=LAN interface=ether4-LAN
add bridge=Hotspot interface=ether7
add bridge=Hotspot interface=ether8
add bridge=LAN interface=ether10
add bridge=LAN2 interface=ether9-LanTest

/ip address
add address=192.168.100.1/24 comment="LAN NETWORK" interface=LAN network=192.168.100.0
add address=192.168.80.1/24 comment="Mezanine Network" disabled=yes interface=ether2-LAN network=192.168.80.0
add address=192.168.90.1/24 comment="3rd Floor Network" disabled=yes interface=ether3-LAN network=192.168.90.0
add address=1**.**.**.**0/24 interface=ether6-WAN2 network=1**.**.**.*
add address=192.168.90.1/24 comment="Hotspot Network" interface=Hotspot network=192.168.90.0
add address=10.0.0.1/30 comment="IPRadio Point to Point IP" interface=ether5-IPRadio network=10.0.0.0
add address=192.168.60.1/24 interface=ether9-LanTest network=192.168.60.0


1**.**.** is our public IP. I'm a noob in networking; please correct me if something is missing or needs to be changed.
 
rubolf
just joined
Topic Author
Posts: 13
Joined: Wed Aug 02, 2017 8:32 am

Re: Connecting subnet with 2 bridge help

Fri Feb 09, 2018 2:54 am

> My guess is that it's not a bridge that you need to pass traffic between the two LANs but a router. If your Mikrotik device is default gateway for both networks, then it should work without any additional setup (actually you have to make an effort to prevent it from doing it if that's not wanted). If your device is not default gateway for any of them, you'll need to configure the default gateways to use your Mikrotik device as a gateway for this particular LAN exchange point. Also in this case it should be configured as router not as bridge.
>
> Bridge can join two layer2 networks, for example two ethernet broadcast domains (such as different VLANs) or different physical technologies (such as wlan and ethernet), they can not join two layer3 networks (such as IP networks with non-overlapping IP address space which is your case).
>
> Even if both IP networks would share common physical network connections (e.g. coaxial ethernet), a layer3 router would still be needed for interconnection ... even if the router would see both networks through same physical network interface.
>
> Even after you get to the point where any ordinary PCs can ping each other in both LANs, you might have to fiddle with SMB, it has its own gotchas if PCs belong to different Windows domains and/or groups.

Hi Mkx, this is clear, but the problem is: how can I do that? Thanks
 
acruhl
Member
Posts: 371
Joined: Fri Jul 03, 2015 7:22 pm

Re: Connecting subnet with 2 bridge help

Fri Feb 09, 2018 5:30 am

The fact that you can ping both PCs from inside the router but not from PC to PC is your first clue. Something in your config is doing this.

Start with ping, don't worry that file sharing isn't working. If you can ping both PCs from inside the router, then they should be able to ping each other (this eliminates something happening on the PC OS that might be blocking pings).

I didn't spend a lot of time looking at your config. You said you're a "noob", but this is not really the config of a noob. Since you didn't do export and paste the whole thing, there might be something missing.

I think if you start from something simple in a test setup (put 192.168.100.1/24 on one interface and 192.168.60.1/24 on another) and make sure both PCs can ping each other, the next step is to start applying the rest of the config until it breaks, then you've found the problem.
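As an added example (not part of any post in this thread), the elimination step suggested above can be done offline for the forward-chain filter rules: the Python sketch below parses the LAN2-related lines of the posted export and applies first-match evaluation. The host addresses are constructed, and only the matchers these rules use are modelled, so mangle rules and routing marks are outside its scope.

```python
import ipaddress
import shlex

# Lines copied from the export posted in this thread (the LAN2-related subset).
ADDRESS_LIST_EXPORT = """\
add address=192.168.60.0/24 list=Accounting
add address=192.168.60.3 list=ACCT
"""
FILTER_EXPORT = """\
add action=accept chain=input disabled=yes in-interface=LAN protocol=icmp
add action=accept chain=forward dst-address-list=ACCT out-interface=LAN2
add action=drop chain=forward dst-address-list=Accounting out-interface=LAN2
"""

def parse(export):
    """Turn 'add key=value ...' export lines into dicts (shlex handles quoted values)."""
    rows = []
    for line in export.splitlines():
        tokens = shlex.split(line)
        if tokens and tokens[0] == "add":
            rows.append(dict(t.split("=", 1) for t in tokens[1:]))
    return rows

def in_list(addr, name, lists):
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(e["address"], strict=False)
               for e in lists if e["list"] == name and e.get("disabled") != "yes")

def forward_verdict(src, dst, out_if, rules, lists):
    """First enabled forward rule whose matchers all fit decides; no match means accept."""
    for rule in rules:
        if rule.get("chain") != "forward" or rule.get("disabled") == "yes":
            continue
        if rule.get("out-interface", out_if) != out_if:
            continue
        if "src-address-list" in rule and not in_list(src, rule["src-address-list"], lists):
            continue
        if "dst-address-list" in rule and not in_list(dst, rule["dst-address-list"], lists):
            continue
        return rule["action"]
    return "accept"

def check(src, dst, out_if):
    return forward_verdict(src, dst, out_if, parse(FILTER_EXPORT), parse(ADDRESS_LIST_EXPORT))

if __name__ == "__main__":
    # Constructed host addresses inside the thread's two subnets.
    for dst in ("192.168.60.3", "192.168.60.120"):
        print("192.168.100.50 ->", dst, "out LAN2:", check("192.168.100.50", dst, "LAN2"))
```

With these rules, forwarded traffic leaving through LAN2 is accepted only for 192.168.60.3 and dropped for every other address in 192.168.60.0/24, while the reverse direction matches no rule in this subset.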
 
rubolf
just joined
Topic Author
Posts: 13
Joined: Wed Aug 02, 2017 8:32 am

Re: Connecting subnet with 2 bridge help

Fri Feb 09, 2018 5:55 am

> The fact that you can ping both PCs from inside the router but not from PC to PC is your first clue. Something in your config is doing this.
>
> Start with ping, don't worry that file sharing isn't working. If you can ping both PCs from inside the router, then they should be able to ping each other (this eliminates something happening on the PC OS that might be blocking pings).
>
> I didn't spend a lot of time looking at your config. You said you're a "noob", but this is not really the config of a noob. Since you didn't do export and paste the whole thing, there might be something missing.
>
> I think if you start from something simple in a test setup (put 192.168.100.1/24 on one interface and 192.168.60.1/24 on another) and make sure both PCs can ping each other, the next step is to start applying the rest of the config until it breaks, then you've found the problem.

Local PCs from 192.168.100.1/24 can ping and access, while they cannot see the 192.168.60.1/24 and can't ping the gateway.
The 192.168.60.1/24 can ping both gateways, 192.168.100.1 and 192.168.60.1, but cannot see the PCs from 192.168.100.1/24.
This should be simple but I can't figure it out. :(

Thank you for your reply.