I’m scratching my head trying to figure out how to get access to my cable modems status page (which uses a fixed private LAN address of http://192.168.100.1) but is on the external side of the router. I’m not sure if the problem is a missing/conflicting route(s), or one of the firewall rules, or …
I’ve got some networking experience but it’s been maybe 12 years since I was configuring Cisco routers routinely so I’m very rusty.
The router is a RB750G upgraded to RouterOs 5.5 and with fairly minor tweaks (e.g. disabling unneeded packages (hotspot, ppp, mpls) and setting my own address range for ether2-local-master and the DHCP server) to the standard out of the box configuration.
See if you could ping 192.168.100.1 from your router. If you can, which you should, since it would be a strait cable in between, then probably there is no route on your cable modem pointing to ip of the interface on the internal side of your mikrotik.
i did this. just add 192.168.100.2 to your external interface. i cant remember if i needed a srcnat rule as well … depends if your modem has any route tables in it or not.
Ah, multi home the external interface, presumably with a tight mask (e.g. 192.168.100.2/30)? Very clever, I’ll have to try that.
I was thinking along the lines of a point to point route but struggling with how to define it properly.
I’m scratching my head over how this worked with the old LinkSys router, and all I can figure is that instead of routing to a specific upstream destination it just blindly routed anything that was outside the internal address space through the uplink port.
either that, or action=accept so that it doesnt nat it. you could also use src-nat and to-address=192.168.100.2 so that anything going to that IP doesnt get natted. I am pretty sure I didnt even need that, the modem just returned the traffic autoamtically.
While setting up the router and changing the addresses from the default 192.168.88.0/24 net to match the rest of my systems, I opened up the net mask to /16 and added a secondary address of 192.168.88.2 for eth0:0 on my Linux workstation. So the gateway never even got the packets to route…
Terribly sorry… 