Hi Masters,
My name is Wojtek and I am doing my best to manage my private network 
I have just upgraded my mikrotik switch to the hAP ax^3 [MT] 192.168.88.1 router to extend coverage of the WiFi in my “sleeping room”.
Everything went well but for some reason I have lost ability to map drives on [RYZ] 192.168.88.254 from 2 samba shares on [NAS] 192.168.0.77.
I am able to open the address 192.168.0.77 in my browser.
I am open to any support
I think in the firewall of the 192.168.0.1 you need a forward rule to allow 192.168.88.0/24 to the NAS.
Can you explain why you are using two routers in the network?
Thanks erlinden,
Would you please guide me through the process? Is below option the proper one on the router?
I must admit that I have no inkling how to do it…
But it’s worth to mention - I like to learn so you can be pretty sure that I am not going to bother anyone else with the same question 
In response to your question - why two routers? It’s pretty simple - I had them in the shack, I needed two locations covered with Wi-Fi and third one - I must admit that I already managed of how to limit internet access to my teenager son in case he misbehave. Fortunately the first router has this option quite easy to configure.
I will ask another question ( which is actually - I believe - the same one erlinden asked but worded differently).
Do you really need to use two distinct networks (192.168.0.0/24 and 192.168.88.0/24)?
It is of course doable, but It adds complexity to the setup.
“Teenage Mess”. lol. I dont think the mess is located in “Teenage Mess” room. Using the new ax3 as router in “Sleeping Room” is the mess here.
What model of router do you have attached to the internet?
Guys!
First and foremost - thanks for taking such a good care of me
@jaclaz “Do you really need to use two distinct networks (192.168.0.0/24 and 192.168.88.0/24)?” - no idea, it was always like that. New router, new subnet. I always was afraid of “IP Conflict” monsters 
Remember - all of this have been wirtten by an amateur.
@anav “What model of router do you have attached to the internet?” - Mi AIoT Router AX3600
@infabo “Using the new ax3 as router in “Sleeping Room” is the mess here.” - so my layman’s approach requires a condemnation and exorcism??
Any way to repent for my sins…?
For simple setups, there Is only one device that acts as router, this Is either the ISP modem/router or - if that device Is used only essentially as modem/adapter, the first device behind It, vital as firewall.
This device Is the border between WAN (outside, here be lions) and LAN (inside, home).
Everything below Is (should be) - conceptually - on a same subnet, i.e. all connections should be switched, not routed.
Of course there can be reasons why one would want to run two (or more) separate networks and route between them, but if there are no such reasons (like It seems specifically in your case) It Is only a complication.
You replaced a switch with a router, but since this new device Is a highly configurable one, all you need to do Is configuring it as switch and have only one network, the “main” 192.168.0.0/24, that allows for 254 devices, which should be enough for a home, every device can see and connect to every other one, as simple as It can be.
Jaclaz,
How to do it on hAP ax^3?
Typically you add all ports to the bridge and disable the DHCP server, the device will become a “switch”.
The DHCP client that normally runs on ether1 can then be removed (it should become disabled anyway the moment ether1 becomes slave to the bridge).
The device should be “pass-through” regarding DHCP, i.e. a device connected to the bridge should connect to the primary DHCP server (your ISP router).
Firewall rules and nat can be left there (they won’t do anything) or removed.
You could have an IP address (static) assigned to this bridge or set the DHCP client on it, but there is not a real need for a switch to have an IP address, Winbox can connect to it via MAC just fine.
Or -depending on your needs - you could keep an ethernet port out of the bridge to use it as management port, possibly with static IP address, configuring Winbox, SSH, etc. to only be accessible through that port, the only way to modify the configuration of the device becomes physically connecting a PC to that specific port, and - additionally - you could limit that access to only a specific given IP (that you have to assign manually to the PC network card).
Be careful if you take this last option, as it is easy enough to get locked out of a Mikrotik device in case of misconfiguration.
Thank you Jaclaz,
One last question before I jump into your solution:
I just found out that I can easily scan, find, add and explore shared drives on my NAS with X-plore/Total commander on my android tablet and phone connected via wifi to the same mikrotik router!!
So for my simple mind that’s a hint that there may be something wrong with my PC running Win11…
Do you think that with SMBv1 and SMBv2 enabled, computer within same workgroup should map network drives with no issues?
Cannot really say.
Windows (not only 10/11, also - though in a minor way - also Vista and 7) has a lot of complications related to networking, like the differences between private and public network and in 10 and 11 additionally there are some default rules in the internal firewall that may well prevent some types of connections.
Or It could be some Group Policy.
You could try if you can connect with ssh to the NAS, but if the issue Is on the Windows settings It won’t be easy to pinpoint the culprit.
If you search for issues with samba in Windows 11 you will find lots of people reporting similar problems, examples ( not necessarily your case):
https://askubuntu.com/questions/1497332/cannot-connect-to-samba-share-from-windows-11-have-tried-everything
https://community.spiceworks.com/t/windows-11-cant-connect-to-ubuntu-samba-shares/958426