First of all: yep, i used the search function and this unfortunately did not solve my problem.
so:
we’re having a mikrotik router, which is running routerOS 6.15. It has 1 SFP (well two, but only one is in use) and 10 RJ45 ports. because we like to work with another firewall, we’d like to use the router just as bridge. means, all the traffic will be forwarded to an ethernet port, which is connected to the firewall. problem: this seems not to work.
with default configuration, the router becomes an ip from our isp. thats fine. when i reconfigure the router as bridge (webgui), my firewall is not able to receive an ip (it’s done by dhcp from our isp). this happens even if i release the ip from the router.
i’ve also tried, to configure the two ports sfp1 (connetced with our isp) und eth1 (connected with our firewall) as a switch, like suggested here: http://blog.bravi.org/?p=303 . But my firewall still cannot get an ip from our isp, nor is it able to ping the gateway or something else, when i define a static ip.
also tried to disable firewall, but did not work. what else should i try / should work? what’s the best solution?
Something doesn’t add up here. You say you want the router to act as a bridge because you have another firewall. Then you say that your MT router gets an IP from your ISP and that one of the SFP-ports are hooked up to your ISP.
Is your router sitting in front of your firewall?
A question you may want to ask yourself is “Why do I want a router to act as a switch?”. If you don’t have a good answer to that question, you are probably better off getting a real switch instead.
we have this router, because (one of) our ISPs is supporting FTTH (fiber-to-the-home) and uses this type of router, to to ‘switch’ between fiber and copper. I assume, they normal approach for them will be to use the router as router, but we have a firewall without fiber-ports and we wanna be able to control everything on the firewall (pf-sense based fw).
Network looks like this:
FTTH-Connection → RB 201 1UiAS-RM → PFSense-FW.
I’ve often used installations like this with ADSL and stuff like this. The way i did this back then was to bridge the crappy ISP router devise and did all the pppoe magic on the firewall. that’s what i also tried here, but it didn’t work.
I would take a look at the configuration of the RB? Maybe your ISP is doing something more than just straight DHCP over the upstream link. Could be any number of things, but if your RB is capable of getting a link and an IP, you should be able to find the right “magic” in the original configuration.