I am looking for some design assistance. We have a customer that wanted a private transport link (bridged connection) across our Wireless Network. We have Mikrotik’s at both towers and have each of this customers sites plugged in to an ethernet port on our routers. We then created an EOIP Tunnel between the two routers for their data, which is working fine. However, this customers does not want their data filtered in any way. The problem comes with that we have other customers connected behind these routers that we do want to firewall/filter. What is the best practices method for creating a private transport link and bypassing the firewalls on each router?
If the EoIP interface is bridged to an Ether port then the layer 2 traffic passing through that path will not use IP Firewall by default. However, that may bypass your bandwidth restrictions so the full solution may be more involved.
The EOIP Tunnel is bridged to a VLAN on each router. And yes, we are using simple queues on those interfaces. I need to find a way to ensure all layer2-3 traffic makes it across their connection and isn’t prohibited by the routers firewall. I just can’t wrap my head around the right way to do it.