I want to be able to ping from one subnet to another. I have been reading and experimenting to no avail and I am starting to think that maybe I am missing something very basic. I have tried NAT rules, IP routing, firewall rules, etc., you name it. What I want to do is to be able to ping from the 192.168.1.1/24 subnet to the other computers in the other subnets. Here is my set up.
[table][tr][td]Ports[/td]
[td]LANs[/td]
[td]Comments[/td]
[/tr]
[tr][td]1[/td]
[td]VLAN10, VLAN30, VLAN40[/td]
[td]Office Trunk[/td]
[/tr]
[tr][td]2[/td]
[td]VLAN10, VLAN20, VLAN30[/td]
[td]Gym Trunk[/td]
[/tr]
[tr][td]3[/td]
[td]VLAN20[/td]
[td]Housing[/td]
[/tr]
[tr][td]4[/td]
[td]VLAN40[/td]
[td]To Sign[/td]
[/tr]
[tr][td]5 & 6[/td]
[td]DISABLED[/td]
[td]DISABLED[/td]
[/tr]
[tr][td]7[/td]
[td]Direct[/td]
[td]Direct[/td]
[/tr]
[tr][td]8[/td]
[td]WAN[/td]
[td]WAN[/td]
[/tr]
[/table]
[table][tr][td]VLAN10 - Work[/td]
[td]192.168.1.1[/td]
[/tr]
[tr][td]VLAN20 - Housing[/td]
[td]10.10.20.1[/td]
[/tr]
[tr][td]VLAN30 - Guest[/td]
[td]10.10.30.1[/td]
[/tr]
[tr][td]VLAN40 Sign[/td]
[td]172.16.192.1[/td]
[/tr]
[tr][td]Direct port[/td]
[td]192.168.21.1[/td]
[/tr]
[/table]
/interface ethernet
set [ find default-name=ether1 ] comment="Office Trunk - VLAN 10,30,40"
set [ find default-name=ether2 ] comment="Gym Trunk - VLAN 10,20,30" master-port=ether1
set [ find default-name=ether3 ] comment="Housing - VLAN20" master-port=ether1
set [ find default-name=ether4 ] comment="Sign - VLAN40" master-port=ether1
set [ find default-name=ether5 ] comment=Disabled disabled=yes
set [ find default-name=ether6 ] comment=Disabled disabled=yes
set [ find default-name=ether7 ] comment=Direct
set [ find default-name=ether8 ] comment=WAN
set [ find default-name=sfp1 ] disabled=yes
/ip dhcp-client
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no interface=ether8
/interface vlan
add interface=ether1 mtu=1504 name=VLAN10-Work vlan-id=10
add interface=ether1 mtu=1504 name=VLAN20-Housing vlan-id=20
add interface=ether1 mtu=1504 name=VLAN30-Guest vlan-id=30
add interface=ether1 mtu=1504 name=VLAN40-Sign vlan-id=40
/ip address
add address=192.168.1.1/24 interface=VLAN10-Work network=192.168.1.0
add address=10.10.20.1/24 interface=VLAN20-Housing network=10.10.20.0
add address=10.10.30.1/24 interface=VLAN30-Guest network=10.10.30.0
add address=172.16.192.1/24 interface=VLAN40-Sign network=10.10.40.0
add address=192.168.21.1/24 interface=ether7 network=192.168.21.0
/interface ethernet switch port
set 0 vlan-header=add-if-missing vlan-mode=secure
set 1 vlan-header=add-if-missing vlan-mode=secure
set 2 default-vlan-id=20 vlan-header=always-strip vlan-mode=secure
set 3 default-vlan-id=40 vlan-header=always-strip vlan-mode=secure
set 4 vlan-mode=secure
/interface ethernet switch vlan
add independent-learning=yes ports=ether1,ether2,switch1-cpu switch=switch1 vlan-id=10
add independent-learning=yes ports=ether2,ether3,switch1-cpu switch=switch1 vlan-id=20
add independent-learning=yes ports=ether1,ether2,switch1-cpu switch=switch1 vlan-id=30
add independent-learning=yes ports=ether1,ether4,switch1-cpu switch=switch1 vlan-id=40
/ip pool
add name=vlan10 ranges=192.168.1.10-192.168.1.100
add name=vlan20 ranges=10.10.20.20-10.10.20.200
add name=vlan30 ranges=10.10.30.10-10.10.30.200
add name=vlan40 ranges=172.16.192.10-10.10.40.100
add name=direct ranges=192.168.21.10-192.168.21.100
/ip dhcp-server
add address-pool=direct disabled=no interface=ether7 name=direct
add address-pool=vlan10 disabled=no interface=VLAN10-Work lease-time=3d name=vlan10
add address-pool=vlan20 disabled=no interface=VLAN20-Housing lease-time=3d name=vlan20
add address-pool=vlan30 disabled=no interface=VLAN30-Guest lease-time=3d name=vlan30
add address-pool=vlan40 disabled=no interface=VLAN40-Sign lease-time=3d name=vlan40
/ip dhcp-server network
add address=10.10.20.0/24 dns-server=208.67.222.222,208.67.222.220 gateway=10.10.20.1
add address=10.10.30.0/24 dns-server=208.67.222.222,208.67.222.220 gateway=10.10.30.1
add address=172.16.192.0/24 dns-server=208.67.222.222,208.67.222.220 gateway=172.16.192.1
add address=192.168.1.0/24 dns-server=208.67.222.222,208.67.222.220 gateway=192.168.1.1
add address=192.168.21.0/24 gateway=192.168.21.1
/ip firewall nat
add action=masquerade chain=srcnat