Cannot access to WIFI from vlan

fedkor · August 14, 2018, 6:22am

Hello I have got topology as shown below. The internet (like www.google.com) work for LAN network (192.168.10.0/24). The main problem is WIFI (172.16.0.0/24) I can access to internet on smartphone in applications like facebook, instagram etc. but when I want to use a web browser and try access to www.google.com or something else nothing happend. On firewall I can see that DNS request was successfully sent but there is no response. On firewall there is a policy that allows traffic for TCP, UDP, DNS, HTTP, HTTPS so I do not know where can be problem. Maybe in NAT? Because I translate private address to private address on firewall and then translate private address (from firewall) to public address.

Can somebody help me please?

Thank you

jwier92 · August 14, 2018, 11:15am

I have a few questions based on your topology:

Why are you doing NAT at both locations? I assume by looking at your configuration that the Mikrotik is just doing 1:1 NAT, Filter Rules are doing nothing, because they are all Accept. That will bring me to the second question.
What is the purpose of the Mikrotik router? Only two reasons I can think of to put a router outside a firewall and that would be to handle future multiple Internet providers or your firewall cannot handle the delivery media.
Would it be possible to swap the Firewall with the router? This depends on the last question in the purpose of the router, just asking.