We recently purchased a RB3011UiAS-RM router. I’m new to the world of RouterOS and I need some help to get me started with a specific WAN connection. Hope you can help me out here.
Here’s the situation.
We have a (business) connection to glas fiber with a Dutch provider called Ziggo. Ziggo send me the following data.
Assigned IP range 212.178.10.128/29 (Gateway on .129 | our router IP .130 | Broadcast on .135 | mask 255.255.255.248)
The above is clear to me. Here’s where it gets confusing.
Apart from the above they provide me with the following network data.
P2P range (of Ziggo):
Demarcation IP: 212.178.125.204/30
Next hop: Next hop: 212.178.125.205
Router on client side: 212.178.125.206
We want to use NAT for our LAN.
From the best I can understand is that I would need to place a router or firewall in front of the Mikrotik router that connects P2P. Then the Mikrotik router can use NAT using the assigned IP range (212.178.10.128/29).
Is my assumption above correct?
Is there any way I can configure the Mikrotik router to work with Ziggo without needing an extra firewall or router? And if so, how would I achieve this?
IMO you are really lucky that Ziggo provides you a transport network.
So as “WAN” you need to use the P2P settings.
Add a bridge to your router and add one address of the provided IP range.
use this as src-address in your src-nat (not masquerade) rule for getting out to the world.
Like this, assuming your local network is default on 192.168.88.0/24
I’ll give this a go and get back to this thread to let everybody know if this worked as planned.
Just out of curiousity; can I add multiple bridges?
To be more specific; would it be possible to assign one of the other IP’s for sole use for an Exchange Server? The server is virtualized and already has an address on the LAN so I would need to route traffic 1:1 to the local IP.
Thinking one step further, could I assign a bridge to a certain VLAN?
No need for more bridges. Just add another address to the same bridge.
Assuming your exchange is locally on 192.168.88.200 and should externally listen to 212.178.10.130 the config would look like this:
Yes, you can easily add a vlan as bridge port. Then you have your WAN on that vlan and can assign hosts to it in the given address range.
These hosts need 212.178.10.129 as default gateway.
In RouterOS there’s an option to open up a Terminal Window. I said Telnet but I meant Terminal.
In the terminal windows you can enter commands, however, they don’t fully correspond with the code lines you send me.
For example, when you add an IP address you can’t enter the whole line at once. Instead you have to break it down. So first type ‘Add’ then the terminal will ask for the address. You type in the address and the next field entry might come up.
Got it.
I bet you tried to paste with ctrl+v on first attempt, right?
This enables autocompletion while typing.
Always paste with right-click → paste.
I find this very annoying as well.
-Chris
