MikroTik

Posted: **Thu Jun 09, 2016 11:30 pm**

Hi,

i cannot ping from PC1 (192.168.1.11) on eth1(bridge PRIVATE, mikrotik 192.168.1.7) to 192.168.77.3 on eth4(bridge WIFI, mikrotik 192.168.77.1).
Neither can I ping to mikrotik address 192.168.77.1.

Where am I missing?

Thank you

/ip address
add address=192.168.77.1/24 interface="Bridge HOTSPOT" network=192.168.77.0
add address=192.168.1.7/24 interface="Bridge PRIVATE" network=192.168.1.

/ip route
add distance=1 gateway=192.168.1.2 routing-mark=12345
add distance=1 gateway=192.168.1.1

/ip firewall mangle
add action=mark-routing chain=prerouting new-routing-mark=12345 src-address=192.168.77.0/24

/ip firewall filter
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
add chain=input comment="default configuration" protocol=icmp
add chain=input comment="default configuration" connection-state=established
add chain=input comment="default configuration" connection-state=related

/ip firewall nat
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes to-addresses=0.0.0.0
add action=masquerade chain=srcnat out-interface="Bridge PRIVATE" src-address=192.168.77.0/24 to-addresses=0.0.0.0

/ip dhcp-server network
add address=192.168.1.0/24 dns-server=192.168.1.7 gateway=192.168.1.7
add address=192.168.3.0/24 dns-server=192.168.3.1 gateway=192.168.3.1
add address=192.168.77.0/24  dns-server=192.168.77.1 gateway=192.168.77.

Posted: **Tue Jun 14, 2016 6:45 pm**

How come the gateways are the same?

Posted: **Tue Jun 14, 2016 6:54 pm**

It's because of policy routing. Anything in the 77 network is forced to use the routing table 12345, which doesn't contain any of your locally-connected subnets. (not even 77)

Make a routing rule:
/ip route rule add dst-address=192.168.0.0/16 action=lookup-only-in-table table=main

MikroTik

Cannot ping to other subnet

Cannot ping to other subnet

Re: Cannot ping to other subnet

Re: Cannot ping to other subnet