Accesing Router Gateway Archer C20 from Another IP
Posted: Thu May 21, 2020 4:26 am
Hello,
Right now i have a ISP, Mikrotik Haplite Router, Archer C20 Router for External AP only and Switch Gigabit at home.
My default ISP Gateway is - 192.168.1.1 | Port 1
Port 1, 2, 3, and 4 on the Mikrotik Haplite was bridged. But port 1 has a different bridge group. 2, 3 and 4 were bridge together in 1 group
I have 2 Lan Gateway and DHCP is only enabled at haplite. ISP and Archer c20 were turned off.
First gateway is 192.168.0.1 - STATIC for PC Only and the other one is 192.168.2.1 - Every other devices such as phones that will be connected to wifi external ap of archer be redirected to here and i have only 1 pool 192.168.2.2-2.54.
The other ports were just extra incase and right now Port 1 and Port 3 were only active. The port 3 is connected to the switch hub from Haplite to the hub and then my archer is connected to the switch hub.
Now my problem is. I have an archer c20 router. The Gateway is 192.168.0.5
I want my mobile devices 192.168.2.0/24 to be able to acces the gateway 192.168.0.5 for the purpose of turning on the 5ghz band or turning it off. Don't ask me why and idk how to do it.
Right now i have a ISP, Mikrotik Haplite Router, Archer C20 Router for External AP only and Switch Gigabit at home.
My default ISP Gateway is - 192.168.1.1 | Port 1
Port 1, 2, 3, and 4 on the Mikrotik Haplite was bridged. But port 1 has a different bridge group. 2, 3 and 4 were bridge together in 1 group
I have 2 Lan Gateway and DHCP is only enabled at haplite. ISP and Archer c20 were turned off.
First gateway is 192.168.0.1 - STATIC for PC Only and the other one is 192.168.2.1 - Every other devices such as phones that will be connected to wifi external ap of archer be redirected to here and i have only 1 pool 192.168.2.2-2.54.
The other ports were just extra incase and right now Port 1 and Port 3 were only active. The port 3 is connected to the switch hub from Haplite to the hub and then my archer is connected to the switch hub.
Now my problem is. I have an archer c20 router. The Gateway is 192.168.0.5
I want my mobile devices 192.168.2.0/24 to be able to acces the gateway 192.168.0.5 for the purpose of turning on the 5ghz band or turning it off. Don't ask me why and idk how to do it.
Code: Select all
/interface bridge
add name="Bridge Lan Hub"
add name="Bridge WAN Browsing"
/interface ethernet
set [ find default-name=ether3 ] name="LAN HUB SWITCH"
set [ find default-name=ether1 ] name="PLDT BROWSING"
set [ find default-name=ether2 ] name="Port 2 Lan 1"
set [ find default-name=ether4 ] name="Port 4 Lan 2"
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip firewall layer7-protocol
add name="Facebook Streaming" regexp=videoplayback|video|watch|myday
add name=bittorrent regexp="^(\13bittorrent protocol|azver1\$|get /scrape\\\\\?info_hash=)|d1:ad2:id20:|87P\\)[RP]"
add name=torrentsites regexp="^.*(get|GET).+(torrent|thepiratebay|isohunt|entertane|demonoid|btjunkie|mininova|flixflux|torrentz|vertor|h33t|btscene|bitunity|bittoxic|thunderbytes|entertane|zoozle|vcdq|bitnova|bitsoup|meganova|fulldls|btbot|flixflux|\
seedpeer|fenopy|gpirate|commonbits).*\$"
add comment=download name=high regexp="^.*get.+\\.(exe|rar|iso|zip|7zip|0[0-9][1-9]|flv|mkv|avi|mp4|3gp|rmvb|mp3|img|dat|mov).*\$"
add comment=download name=document regexp="^.*get.+\\.(pdf|doc|docx|xlsx|xls|rtf|ppt|ppt).*\$"
add comment="block porn" name=Porn regexp="^.+(porn|xnxx|muyzorras|petardas|xhamster|tube8|cumlouder|bravoteens|redtube|playboyplus|babesofindia|firstanaldate|amateursraw|gfhardcore|).*\$"
add name=Ext regexp=\
"^.*get.+\\.(gz|exe|rar|obb|apk|zip|7z|cab|asf|mov|wmv|mpg|mpeg|img|pdf|doc|docx|xlsx|xls|rtf|ppt|pptx|mkv|avi|flv|wav|rm|mp3|mp4|ram|rmvb|dat|daa|iso|nrg|bin|vcd|mp2|3gp|mpe|qt|raw|wma|ogg|deb|tar|bzip|gzip|gzip2|0[0-9][0-9]).*\$"
add name=L7-Torrent regexp="^(\\x13bittorrent protocol|azver\\x01\$|get /scrape\\\?info_hash=get /announce\\\?info_hash=|get /client/bitcomet/|GET /data\\\?fid=)|d1:ad2:id20:|\\x08'7P\\)[RP]"
/ip pool
add name=Phones ranges=192.168.2.2-192.168.2.254
/ip dhcp-server
add add-arp=yes address-pool=Phones disabled=no interface="Bridge Lan Hub" name=dhcp1
/queue simple
add max-limit=2M/5M name=PC1 packet-marks="Browsing-Connection,Facebook Streaming,Streaming-Connection,Other Connection" priority=1/1 target=192.168.0.34/32
add max-limit=2M/5M name=PC2 packet-marks="Browsing-Connection,Facebook Streaming,Streaming-Connection,Other Connection" priority=1/1 target=192.168.0.35/32
add max-limit=2M/5M name=PC3 packet-marks="Browsing-Connection,Facebook Streaming,Streaming-Connection,Other Connection" priority=1/1 target=192.168.0.36/32
add max-limit=2M/5M name=PC4 packet-marks="Browsing-Connection,Facebook Streaming,Streaming-Connection,Other Connection" priority=1/1 target=192.168.0.37/32
add max-limit=2M/5M name=PC5 packet-marks="Browsing-Connection,Facebook Streaming,Streaming-Connection,Other Connection" priority=1/1 target=192.168.0.38/32
add max-limit=2M/5M name=PC6 packet-marks="Browsing-Connection,Facebook Streaming,Streaming-Connection,Other Connection" priority=1/1 target=192.168.0.39/32
add max-limit=2M/5M name=PC7 packet-marks="Browsing-Connection,Facebook Streaming,Streaming-Connection,Other Connection" priority=1/1 target=192.168.0.40/32
add max-limit=2M/5M name=PC8 packet-marks="Browsing-Connection,Facebook Streaming,Streaming-Connection,Other Connection" priority=1/1 target=192.168.0.41/32 time=0s-1d,sun,mon,tue,wed,thu,fri,sat
add max-limit=2M/5M name=PC9 packet-marks="Browsing-Connection,Facebook Streaming,Streaming-Connection,Other Connection" priority=1/1 target=192.168.0.42/32
add max-limit=2M/5M name=PC10 packet-marks="Browsing-Connection,Facebook Streaming,Streaming-Connection,Other Connection" priority=1/1 target=192.168.0.43/32
/queue type
set 0 pfifo-limit=20
add kind=pcq name="PCQ-D 90M BROWSING" pcq-classifier=dst-address pcq-dst-address6-mask=64 pcq-rate=90M pcq-src-address6-mask=64
add kind=pcq name="PCQ-U 45M BROWSING" pcq-classifier=src-address pcq-dst-address6-mask=64 pcq-rate=45M pcq-src-address6-mask=64
/queue tree
add max-limit=100M name="PLDT BROWSING DL" parent="Bridge Lan Hub" queue=default
add max-limit=45M name="PLDT BROWSING UP" parent="Bridge WAN Browsing" queue=default
add name="Games Connection" packet-mark="Games Connection" parent="PLDT BROWSING DL" priority=1 queue="PCQ-D 90M BROWSING"
add name="Games Connection UP" packet-mark="Games Connection" parent="PLDT BROWSING UP" priority=1 queue="PCQ-U 45M BROWSING"
add comment="==================================" max-limit=80M name="Browsing Bandwidth Control" parent="PLDT BROWSING DL" queue=default
add max-limit=40M name="Browsing Bandwidth Control UP" parent="PLDT BROWSING UP" queue=default
add name="Browsing Connection" packet-mark=Browsing-Connection parent="Browsing Bandwidth Control" priority=2 queue="PCQ-D 90M BROWSING"
add name="Streaming Connection" packet-mark=Streaming-Connection parent="Browsing Bandwidth Control" priority=6 queue="PCQ-D 90M BROWSING"
add name="Other Connection" packet-mark="Other Connection" parent="Browsing Bandwidth Control" queue="PCQ-D 90M BROWSING"
add name="Streaming Connection UP" packet-mark=Streaming-Connection parent="Browsing Bandwidth Control UP" priority=6 queue="PCQ-U 45M BROWSING"
add comment="==================================" name="Browsing Connection UP" packet-mark=Browsing-Connection parent="Browsing Bandwidth Control UP" priority=2 queue="PCQ-U 45M BROWSING"
add name="Other Connection UP" packet-mark="Other Connection" parent="Browsing Bandwidth Control UP" queue="PCQ-U 45M BROWSING"
add name="Facebook Streaming" packet-mark="Facebook Streaming" parent="Browsing Bandwidth Control" priority=6 queue="PCQ-D 90M BROWSING"
add name="Facebook Streaming UP" packet-mark="Facebook Streaming" parent="Browsing Bandwidth Control UP" priority=6 queue="PCQ-U 45M BROWSING"
/interface bridge port
add bridge="Bridge Lan Hub" interface="LAN HUB SWITCH"
add bridge="Bridge WAN Browsing" interface="PLDT BROWSING"
add bridge="Bridge Lan Hub" interface="Port 4 Lan 2"
add bridge="Bridge Lan Hub" interface="Port 2 Lan 1"
/ip address
add address=192.168.2.1/24 interface="Bridge Lan Hub" network=192.168.2.0
add address=192.168.1.2/24 interface="Bridge WAN Browsing" network=192.168.1.0
add address=192.168.0.1/24 interface="Bridge Lan Hub" network=192.168.0.0
/ip arp
add address=192.168.0.33 interface="Bridge Lan Hub" mac-address=00:D8:61:73:D7:7D
add address=192.168.0.34 interface="Bridge Lan Hub" mac-address=00:D8:61:73:D8:1E
add address=192.168.0.35 interface="Bridge Lan Hub" mac-address=00:D8:61:73:D9:69
add address=192.168.0.45 interface="Bridge Lan Hub" mac-address=00:D8:61:73:D7:11
/ip cloud
set ddns-enabled=no
/ip dhcp-server lease
add address=192.168.0.46 client-id=1:28:c2:dd:11:7a:7b comment=Laptop mac-address=28:C2:DD:11:7A:7B server=dhcp1
add address=192.168.0.47 mac-address=1C:1B:0D:11:EB:BA server=dhcp1
/ip dhcp-server network
add address=192.168.0.0/24 dns-server=1.1.1.1,8.8.8.8 gateway=192.168.0.1
add address=192.168.1.0/24 dns-server=1.1.1.1,8.8.8.8 gateway=192.168.1.1
add address=192.168.2.0/24 dns-server=1.1.1.1,8.8.8.8 gateway=192.168.2.1
/ip dns
set allow-remote-requests=yes servers=1.1.1.1,8.8.8.8
/ip firewall address-list
add address=31.13.77.0/24 list="FB "
add address=192.168.0.44 disabled=yes list=Support/Admins
add address=192.168.0.46 disabled=yes list=Support/Admins
add address=192.168.0.33 disabled=yes list=Support/Admins
add address=192.168.1.1 disabled=yes list=ISP
add address=192.168.0.1 list=Mikrotik
add address=47.74.171.0/24 list=MLIP
add address=169.57.253.0/24 list=MLIP
add address=169.46.167.0/24 list=MLIP
add address=169.44.24.0/24 list=MLIP
add address=169.57.143.0/24 list=MLIP
add address=45.43.50.0/24 list=MLIP
add address=107.155.9.0/24 list=MLIP
add address=161.117.71.0/24 list=MLIP
add address=47.74.170.0/24 list=MLIP
add address=129.227.103.0/24 list=MLIP
add address=45.40.48.0/24 list=MLIP
add address=45.40.51.0/24 list=MLIP
add address=199.190.44.0/24 list=MLIP
add address=103.193.127.0/24 list=MLIP
add address=128.1.68.0/24 list=MLIP
add address=45.43.51.0/24 list=MLIP
add address=119.81.244.0/24 list=MLIP
add address=159.253.134.0/24 list=MLIP
add address=23.248.168.0/24 list=MLIP
add address=161.202.43.0/24 list=MLIP
add address=159.122.113.0/24 list=MLIP
add address=128.14.140.0/24 list=MLIP
add address=161.202.207.0/24 list=MLIP
add address=107.155.39.0/24 list=MLIP
add address=169.56.72.41 list=MLIP
add address=122.10.135.0/24 list=MLIP
add address=119.81.72.0/24 list=MLIP
add address=3.6.184.0/24 list=MLIP
add address=164.52.2.0/24 list=MLIP
add address=128.1.120.0/24 list=MLIP
add address=128.1.75.0/24 list=MLIP
add address=103.96.77.0/24 list=MLIP
add address=107.155.14.0/24 list=MLIP
add address=103.96.78.0/24 list=MLIP
add address=148.153.34.0/24 list=MLIP
add address=117.58.222.0/24 list=MLIP
add address=169.56.147.0/24 list=MLIP
add address=119.81.28.0/24 list=MLIP
add address=107.155.20.0/24 list=MLIP
add address=122.10.248.0/24 list=MLIP
add address=156.236.93.0/24 list=MLIP
add address=128.1.78.0/24 list=MLIP
add address=185.23.183.0/24 list=MLIP
add address=mobilelegends.com list=MLIP
add address=m.mobilelegends.com list=MLIP
add address=128.1.87.0/24 list=MLIP
add address=169.197.97.0/24 list=MLIP
add address=168.1.197.0/24 list=MLIP
add address=161.202.241.0/24 list=MLIP
add address=23.236.118.0/24 list=MLIP
add address=129.227.96.0/24 list=MLIP
add address=128.14.212.0/24 list=MLIP
add address=107.155.5.0/24 list=MLIP
add address=161.202.62.0/24 list=MLIP
add address=169.56.72.0/24 list=MLIP
add address=161.202.213.0/24 list=MLIP
add address=169.56.133.0/24 list=MLIP
add address=185.115.211.124 list=MLIP
add address=107.155.6.0/24 list=MLIP
add address=129.227.33.0/24 list=MLIP
add address=164.52.120.0/24 list=MLIP
add address=128.1.160.0/24 list=MLIP
add address=23.248.186.0/24 list=MLIP
add address=169.57.173.0/24 list=MLIP
add address=169.50.189.0/24 list=MLIP
add address=169.46.198.0/24 list=MLIP
add address=45.43.34.0/24 list=MLIP
add address=45.43.33.0/24 list=MLIP
add address=119.81.162.0/24 list=MLIP
add address=169.44.97.0/24 list=MLIP
add address=161.202.49.0/24 list=MLIP
add address=161.202.48.0/24 list=MLIP
add address=122.10.249.0/24 list=MLIP
add address=119.81.224.0/24 list=MLIP
add address=169.56.131.0/24 list=MLIP
add address=1.1.1.1 list=DOMAIN
add address=1.0.0.1 list=DOMAIN
add address=192.168.2.0/24 list="ALL ANDROID"
add address=169.46.132.0/24 list=MLIP
add address=119.81.81.0/24 list=MLIP
add address=169.50.23.0/24 list=MLIP
add address=169.56.136.0/24 list=MLIP
add address=15.206.36.0/24 list=MLIP
add address=37.58.76.0/24 list=MLIP
add address=122.2.210.0/24 list=MLIP
add address=169.46.180.0/24 list=MLIP
add address=161.202.217.0/24 list=MLIP
add address=3.6.186.0/24 list=MLIP
add address=3.6.142.0/24 list=MLIP
add address=192.168.0.0/24 list="All PC"
add address=speedtest.net list=Speedtest
add address=192.168.2.2 disabled=yes list=Support/Admins
add address=192.168.2.44 disabled=yes list=Support/Admins
/ip firewall filter
add action=accept chain=input comment="icmp rul" connection-state="" disabled=yes protocol=icmp
add action=accept chain=input comment=established connection-state=established disabled=yes
add action=accept chain=input comment=related connection-state=related disabled=yes
add action=accept chain=input comment=new connection-state=new disabled=yes
add action=drop chain=input connection-state=invalid disabled=yes
add action=fasttrack-connection chain=forward comment="Fasstrack DNS" dst-port=53 protocol=udp
add action=fasttrack-connection chain=forward comment="Fasstrack DNS" dst-port=53 protocol=tcp
add action=drop chain=input disabled=yes dst-address-list=Mikrotik port=21,22,23,80,8291 protocol=tcp src-address-list=!Support/Admins
add action=drop chain=forward disabled=yes dst-address-list=PLDT port=21,22,23,80,8291 protocol=tcp src-address-list=!Support/Admins
add action=reject chain=forward disabled=yes dst-address-list=Speedtest dst-port=80,8080,443 protocol=tcp reject-with=tcp-reset src-address-list=!Support/Admins
/ip firewall mangle
add action=mark-connection chain=prerouting comment=DNS dst-port=53 new-connection-mark=DNS passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment=DNS dst-port=53 new-connection-mark=DNS passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment=DNS connection-mark=DNS new-packet-mark=DNS passthrough=no
add action=mark-connection chain=prerouting comment="Facebook Streaming" layer7-protocol="Facebook Streaming" new-connection-mark="Facebook Streaming" passthrough=yes
add action=mark-packet chain=prerouting connection-mark="Facebook Streaming" new-packet-mark="Facebook Streaming" passthrough=no
add action=mark-connection chain=prerouting comment="Browsing Connection" dst-port=80,8080,5222,5228,5223,443 new-connection-mark=Browsing-Connection passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=Browsing-Connection new-packet-mark=Browsing-Connection passthrough=no
add action=mark-connection chain=prerouting comment="Streaming Connection" dst-port=443 new-connection-mark=Streaming-Connection passthrough=yes protocol=udp
add action=mark-packet chain=prerouting connection-mark=Streaming-Connection new-packet-mark=Streaming-Connection passthrough=no
add action=mark-connection chain=prerouting comment="Games Port" dst-address-list=MLIP new-connection-mark="Games Connection" passthrough=yes src-address-list="ALL ANDROID"
add action=mark-connection chain=prerouting new-connection-mark="Games Connection" passthrough=yes protocol=icmp src-address-list="ALL ANDROID"
add action=mark-connection chain=prerouting dst-port=5000-5200,5300-5350,5360-5600,10003,24000-24200,30000-30100 new-connection-mark="Games Connection" passthrough=yes protocol=udp
add action=mark-connection chain=prerouting dst-port=2099,9080-9081,5000-5200,5300-5350,5360-5600,6568,10003,30000-30100 new-connection-mark="Games Connection" passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting dst-port=27015-27100 new-connection-mark="Games Connection" passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting dst-port=27015-27100 new-connection-mark="Games Connection" passthrough=yes protocol=udp
add action=mark-connection chain=prerouting comment=PUBG dst-port=3013,8011,9030,10000-10002,10004-18999,20000-21000 new-connection-mark="Games Connection" passthrough=yes protocol=tcp src-address=192.168.2.0/24
add action=mark-connection chain=prerouting comment=PUBG dst-port=3013,8011,9030,10000-10002,10004-18999,20000-21000 new-connection-mark="Games Connection" passthrough=yes protocol=udp src-address=192.168.2.0/24
add action=mark-connection chain=prerouting comment=CF dst-port=10009,3008,16666,28012,9110,10008 new-connection-mark="Games Connection" passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment=CF dst-port=12020-12080,13000-13080,13006,18009 new-connection-mark="Games Connection" passthrough=yes protocol=udp
add action=mark-packet chain=prerouting connection-mark="Games Connection" new-packet-mark="Games Connection" passthrough=no
add action=mark-connection chain=prerouting comment="Management/Internal Router Traffic" dst-port=8291,5353,5354,43000-45000 new-connection-mark="Management/Internal Router Traffic" passthrough=no protocol=tcp
add action=mark-connection chain=prerouting comment="Other Traffic" connection-mark=no-mark new-connection-mark="Other Connection" passthrough=yes
add action=mark-packet chain=prerouting connection-mark="Other Connection" new-packet-mark="Other Connection" passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface="Bridge WAN Browsing"
add action=redirect chain=dstnat disabled=yes dst-port=53 protocol=udp to-ports=53
add action=redirect chain=dstnat disabled=yes dst-port=53 protocol=tcp to-ports=53
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set sip disabled=yes
set pptp disabled=yes
set udplite disabled=yes
set dccp disabled=yes
set sctp disabled=yes
/ip route
add check-gateway=ping comment=ISP1 distance=1 gateway="192.168.1.1%Bridge WAN Browsing"
/ip service
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set winbox address=192.168.0.44/32,192.168.0.46/32,192.168.0.47/32,192.168.0.45/32,192.168.0.33/32,192.168.2.44/32
set api-ssl disabled=yes
/system clock
set time-zone-name=Asia/Manila
/system identity
set name="Wang Yeo"
/system routerboard settings
set cpu-frequency=750MHz