I am setting up a rb750 and rb493. Both routers will have two networks on them one for public access that will need dhcp and one private network for corporate use (dhcp handled by the dc). The 750 and 493 will be connecting to each other across the internet. the 493 will have a static ip address. The corporate domain controller will sit behind the 493. Currently I have four routers with dd-wrt running on them to get this configuration to work. I would like to reduce my infrastructure to the two router boards but don’t know where to start with routerOS.
Could you provide a diagram with the interface name as well the ip address?
Here is a jpg of how I would like the network to look when completed. The static ip address of the 493 will be 65.208.xxx.xx. The vlan for the private network under the rb493 will be 192.168.5.xxx. The vlan for the public network under the rb493 will be 192.168.55.xxx. The vlan for the private network under the rb750 will be 192.168.4.xxx. The vlan for the public wireless under the rb750 will be 192.168.54.xxx. All networks will be a class c network. I hope this helps.
First nice diagram,
We have to breakdown this configuration into several step as follow :
-
Interfaces, as shown on your diagram you could arrange the interface physically connected to each routerboard and assign ip address on each. Just skip it if you done already
-
Setup dhcp server for both public access. If you would like to make it more simple you could create a hotspot. In example on rb 493 you could create bridge interface and add the ether2 and ether3 to this bridge. Next you could do a hotspot setup on this bridge interface. Dhcp setup will be automatically done by this hotspot setup. On the ether2 and ether3 you could connect the access point for 1st and 2nd floor and set on the access point to bridge the wireless interface to the ethernet interface.
-
Route the traffic on both LAN site. My Assumption you only have on RB493 a static public address. So in this RB493 you will need to setup a vpn server in example PPTP server. On RB750 you will need to create PPTP-Client. On established vpn connection you could make a static route to let both site to communicate with each other.
-
If needed, you could create a dhcp relay, in case the private ip lease centralize on the domain controller.
-
some time i don’t want to let client on the public network to reach my internal network. In this scenario we could set a firewall rules for example drop connection in-interface bridge (wireless hotspot) out-interface ether4 (ie ether4 is the interface connected to private lan).
Correct me if i’m wrong