Hey,
I have 2 different networks, lets say N1 and N2.
I need to connect them to each other, but PC from N1 must have access on PC from N2 (opposite too).
They should see only each other, not whole networks.
What type of mikrotik do I have to buy?
Diagram in attachments.
From functional point of view any mikrotik with at least 2 ethernet ports will do. From performance point of view they are not same after all, you will use it as router/firewall, which does stress device more than simple switching traffic. So it depends on what kind of performance you expect from it.
What you try to achieve is really complicated,
is more simple to add 2nd ethernet on both and place one cable directly between the two PC (and MikroTik).
This is easy peasy via firewall rules.
Typically we have a last rule in our firewall forward chain that is a block all else rule.
Just before this rule we would make one that basically states.
Allow PC1 on network 1 to access PC2 on network 2.
What isnt clear to me though is if you want it as a one way connection or two way.
By that I mean can both initiate a connection (responses are always allowed) .
add action=accept chain=forward in-interface=network1 src-address=IPofPC1 out-interface=network2 dst-address=IPofPC2
Is the general idea.
By the way, I saw Rextended’ house pictures, this is what it looked like.
Aka, some of us dont have the luxury of having our houses wired internally within the rooms (vice in the walls) 
Thanks anav,
I need them to communicate two way, so basically all I need to do is add this FW rule?
add action=accept chain=forward in-interface=network1 src-address=IPofPC1 out-interface=network2 dst-address=IPofPC2
You need to add more rules than this one - maybe check this post first?
With a stateful firewall, “to communicate two way” and “to be able to initiate a new connection from eithe side” are not exactly the same thing.
Corrected and just to be clear if PC1 initiates a session with PC2, the all the responses to that traffic are automatically accepted (from PC2 to PC1).
Thus if in reality its PC1 always first contacting then only one rule is needed.
Well, actually I need them to be able to initiate a new connection from either side. Sometimes will PC2 initiate sessions, but mostly it will be PC1. So I need both of them to initiate session.