multiple subnets on multiple ports - make them talk.

m1993 · August 20, 2018, 10:50am

Hello,

I know this question was many times there but I am still not able to make my router work as I need.

I have router ccr1016.

I need easy setup. One subnet on ether1 second subnet on ether2, third subnet on ether3 etc. make them talk.

I read something about bridge (for communication between two subnets on different ports but I cannot use bridge..)

I also read multiple “routing” topics but nothing helped.

From router I am able to ping everything but hosts on different subnets are not able to talk to each other.

My current configuration:

[admin@MikroTik] /ip address> print
Flags: X - disabled, I - invalid, D - dynamic 
 #   ADDRESS            NETWORK         INTERFACE                                                                                                                                       
 0   ;;; defconf
     192.168.88.1/24    192.168.88.0    ether1                                                                                                                                          
 1   192.168.14.100/24  192.168.14.0    ether4                                                                                                                                          
 2   192.168.12.100/24  192.168.12.0    ether2

[admin@MikroTik] /ip route> print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADC  192.168.12.0/24    192.168.12.100  ether2                    0
 1  DC  192.168.14.0/24    192.168.14.100  ether4                  255
 2 ADC  192.168.88.0/24    192.168.88.1    ether1                    0

I tried to configure fw (nats), add routes rules etc. I think it must be easy (cause it is common issue) but I am not able to make it work.

Thank you in advance.

Marek

AminYounessi · August 28, 2018, 4:00am

Hi,

Can i ask you that in your client side’s did you configure gateway for your client’s or not?

Best Regards,

Steveocee · August 28, 2018, 6:10am

The subnets on each port only need a router between them to talk to each other. Thankfully you have that.
By its nature the CCR should try to route between the subnets unless you have stopped them from talking to each other.

Can you post more config?

solar77 · August 28, 2018, 7:24am

as Steveocee suggested, by default the Mikrotik should allow communication between its subnets unless there is a firewall rule stops that.
by the look of your routing table, the router knows exactly where to forward packet if you wish to go to a particular subnet.

without seeing your firewall rules, my best guess is you don’t have or dropped the return path to source IP. so add masquerade

 /ip firewall nat add action=masquerade out-interface=ether2

this may give you access to subnet on either2 .

only a guess