MikroTik

Hello-

I'm running a routerboard 532 with three interfaces right now.

The interfaces are setup like so:

WAN - Fiber connection to internet - X.X.167.114/30
LAN - servers and colocation (public IP addresses) - X.X.49.1/24 and X.X.59.1/24
WLAN - WISP network (public ip addresses) - X.X.196.1/24

ARP is set to "enabled" on all three interfaces. The only routes I have are the default routes added by setup.

Our core wireless equipment on the WLAN side of the network is running in the 10.1.1.0/24 range. Customers on this network use public addresses from the subnet listed above.

What do I all need to do to allow me to access the 10.1.1.0/24 equipment from the LAN network? I've played around with some static routes but I couldn't get anything to work.

Thanks!

As long as the equipment on the WLAN side has a default route back to your core router, your core router should know very well how to route you.

The question would be, what is x.x.196.1/24, and how does 10.1.1.0/24 talk to x.x.196.1/24...

Unless you have NAT somewhere, you must be able to do with with pretty straight forward routing...

The x.x.196.1/24 addresses are public IPs used by the end users equipment (router).

The 10.1.1.0/24 address are only for the management of the equipment and it never contacts anything in the x.x.196.1/24 range.

I added 10.1.1.1/24 as an IP address on the WLAN interface and the devices are using this address as their gateway. I can contact this equipment when i'm inside that network but I can't contact it from the LAN interface.

I can ping 10.1.1.1 from inside the LAN network, but nothing else in that range. When I try to ping one of my devices such as 10.1.1.10 I receive this error:

"Reply from X.X.49.1: Destination host unreachable."

Any ideas?

You need add a default policy route 0.0.0.0/0 to whatever your default GW is.

Thom

My router project has only two interfaces (ehter1 and wlan1) but I'm also having difficulties in routing between those two interfaces.
I went from the default out of the box state which had the ether1 interface (on the router board) and the wlan1 interface (on the daughterboard in the minipci socket). Using setup, I assigned IP address 192.168.0.239/30 (part of an existing network) to the ether1 interface. I did not assign a gateway address at this time.
I set wlan1 to have an IP address of 10.1.0.1/30. I can use any computer in the 192 subnet and ping the .239 interface just fine, but cannot ping the 10.1.0.1 interface.
I thought the default routes that MT sets up when you assign IP addresses to the interfaces would automatically "connect" the two interfaces, so if a packet for an interface is inbound on the other interface, the router will automatically forward it. But, this appears not to be the case?

Looking for wisdom!

Jon

arizonajon -

Using setup, I assigned IP address 192.168.0.239/30 (part of an existing network) to the ether1 interface. I did not assign a gateway address at this time.

Ok - so add the gateway - sure the MT knows about your network but it doesn't know where to send things that it does not reconize.

I thought the default routes that MT sets up when you assign IP addresses to the interfaces would automatically "connect" the two interfaces, so if a packet for an interface is inbound on the other interface, the router will automatically forward it. But, this appears not to be the case?

It is the case but you still have to tell it where to send things that it does not know about through the routing chain. Sure it 'knows' that 192.168....is on one interface, and it knows that 10.1.0.xxx is on the other, but it does not know what you want to do w/packets that arrive w/diffent IP source addresses than the interface has.

So go to winbox, click on IP, click on routes, select the rules tab. Put 0.0.0.0/0 in Src Address, put 0.0.0.0/0 in the Dst Address. In the action, select Lookup, and in table select Main.

And lastly so that you netwok can traverse interfaces... Either your core router needs to know where to send packets destined for 10.1.0.0/30 or your need to add a src nat rule in the firewall section on you MT to src nat your 10.1.0.0/30 ips to 192.168.xxx addresses.

****I also noticed that in your first post you said 10.1.0.0/24 now you're saying 10.1.0.1./30 which is it? Also in your original post you did not mention a 192.168 network but now you have one and it's only a /30... You need to tell a little more about your network - not the public IPs bit the rest otherwise anything we suggest will just be a guess. ****

So arizonajon - are you going ot give us the real setup so we can help?

Thom