the router/firewall that is conneted to the ISP Cable is not a mikrotik, it is a symantec gateway security 360.
In testing, I ended up adding a route for 192.168.1.0 with gateway of 10.10.10.5 this is ether1 ( RB153 at rental house)
Ether 2 is not bridged to ether 1. I was just thinking that I could bridge it and then make tell this RB to drop all data to the 10.10.10.X range from ether 2 as to not allow ether 2 users access to my lan.
I can access that RB from my lan by going to 192.168.1.1 so the route works.
I still wanted to keep the 10.10.10.x range invisible to ether 2 at the rental.
However, if it is bridged, what is stopping my symantec from assigning Ip’s over that ether 2 since it is bridged, ( Again, IF I add ether 2 to the bridge ports, it is not right now)
At the end of the day, is it easier to change the topology of the network to a routed one?