Ok, I've searched the forums (hence picking the best Subject title), read the topics, tried the rules, studied the rules, tried variations of them, read what links I can find on it... I think I now sort of understand the problem, however my issue might not be as simple as the others for which these have worked, therefore I'm starting this topic with my configuration in the hopes someone can assist me, and that future users with a similar setup will find it useful.
With that out of the way, firstly my setup summary:
2 LANs separated from each other, 192.168.1.0/24 and 192.168.2.0/24; they must be separate.
2 WANs (currently, pretty soon 3, perhaps a 4th later), with one WAN using two ethernet ports with PPPoE, and the other WAN is just ethernet with a DHCP client.
1 Empty Bridge Interface (the Mikrotik documentation says that this is the recommended way to assign IPv4 addresses to the RB that aren't specific to one interface, so I decided this was the best solution for where to define my public /27 range for my multi-connection WAN).
Now, everything is working as I'd hoped, except of course (like others) when attempting to access servers using the public IP from either of the two LANs for servers in either.
Lan1 Client -> Lan1 Server
Lan1 Client -> Lan2 Server
Lan2 Client -> Lan2 Server
Lan2 Client -> Lan1 Server
As I'm using multiple IPs, I'm therefore using SRC-NAT on the multiple IP WAN to ensure all outbound traffic comes from a specific IP (except for some services, such as SMTP that instead go out from one of the others in the range), for the other WAN it's a dynamic IP so I just use masquerade for that one.
I've used articles on the Wiki to set up typical filter rules; there's an allow for simply TCP and UDP. Once I've got everything sorted, I'll begin to tighten this down and remove the all-TCP and all-UDP rules.
In my NAT, I have dst-nat rules for my various servers and services, using the Dst. Address as the one I want from the /27 range. Further down, I then have my src-nat rules for setting the IPs that connections come from: firstly specific ones for services from some servers, e.g. SMTP servers, then a specific IP for the dual ISP connection, then just an ordinary masquerade for the DHCP ISP.
I know there's Split DNS etc. but in a multi-lan, multi-wan it's a headache, and as many have pointed out, this "just works" in commercial home routers.
I'm trying to work out a way to find what's happening (or not). I've tried Torch and Packet Sniffer; PS shows a connection from the local client to the Public IP, but then nothing else.
My log doesn't show it's being dropped. I'm a bit hesitant to post my rules up here... I was hoping there's a tool to track what's going on with a connection in the RB to work out what's going wrong.
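The LAN-to-public-IP case described in the post is the classic hairpin NAT problem. Below is an added RouterOS example of the usual fix plus the tracing rules the poster is asking about; it is not the poster's configuration. It assumes placeholder values: 203.0.113.10 as one address from the public /27, 192.168.1.10 as a web server on LAN1, and that the forward chain otherwise drops LAN1<->LAN2 traffic.

```routeros
# Added example, not the original poster's rules. Placeholders: 203.0.113.10 (public
# address from the /27), 192.168.1.10 (web server on LAN1). Replace with your own values.

/ip firewall nat
# 1. dst-nat keyed on the public address only. Do NOT add in-interface=<WAN>: a client
#    on LAN1 or LAN2 arrives on the LAN interface and would never match such a rule.
add chain=dstnat dst-address=203.0.113.10 protocol=tcp dst-port=80 \
    action=dst-nat to-addresses=192.168.1.10 to-ports=80 comment="web dst-nat"

# 2. Hairpin rules: client and server on the SAME LAN. Without this the server answers
#    the client directly (same subnet), so the reply carries src 192.168.1.10 instead
#    of 203.0.113.10 and the client's TCP stack discards it. Masquerading the source
#    forces the reply back through the router so the dst-nat can be undone.
#    Put these ABOVE the general src-nat/masquerade rules for the WAN interfaces.
add chain=srcnat src-address=192.168.1.0/24 dst-address=192.168.1.0/24 \
    action=masquerade comment="hairpin LAN1"
add chain=srcnat src-address=192.168.2.0/24 dst-address=192.168.2.0/24 \
    action=masquerade comment="hairpin LAN2"
# Cross-LAN hits (LAN1 client -> LAN2 server) need no hairpin rule, because the router
# is already the return path between the two subnets; they only need a forward-chain
# permit (below), so the LANs stay separated for everything else.

/ip firewall filter
# 3. Permit only connections that were dst-natted between the two LANs
#    (connection-nat-state is a RouterOS v6 matcher). Place before the LAN1<->LAN2 drop.
add chain=forward connection-nat-state=dstnat src-address=192.168.1.0/24 \
    dst-address=192.168.2.0/24 action=accept comment="LAN1 -> LAN2 via public IP only"
add chain=forward connection-nat-state=dstnat src-address=192.168.2.0/24 \
    dst-address=192.168.1.0/24 action=accept comment="LAN2 -> LAN1 via public IP only"

# 4. Tracing one connection instead of guessing. A temporary log rule at the top of the
#    forward chain shows whether the dst-natted packet reaches forward at all (remove it
#    when done), and the connection tracker shows what translation was applied.
add chain=forward dst-address=192.168.1.10 protocol=tcp dst-port=80 \
    action=log log-prefix="hairpin-dbg" place-before=0
/ip firewall connection print where dst-address~"192.168.1.10"
```

If the log rule never fires for a LAN client but does for an Internet client, the packet is dying in dstnat (rule order or an in-interface match); if it fires but the client still hangs, the reply is bypassing the router, which is exactly what the hairpin srcnat rule corrects.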