I have got a new cloud router : mikrotic ccr 1016.
I’m trying to set it but I’m unable to make all work. this is the situation :
I have IP range :
88.123.123.48 - 88.123.123.63
gateway : 88.123.123.1
I have set, port 1 to : 88.123.123.49, and gate to : 88.123.123.1
I have set a route : 0.0.0.0/0 to 88.123.123.1
I have acces to the router from public, it’s working, it’s pingable.
but now I want to use other IP adresses in my network, so i have connected a pc to port 2, and gave it the IP : 88.123.123.50 with gate : 88.123.123.49
here comes the problem, I have physical connection, but no internet, no ping.
I know I’m forgetting something.
I hope you guys can help / advise me, point me in the right direction.
thanks in advance.
(dhcp is not enabled, nat is not enabled. I’m not going to use this as local 192.168.x.x network. this will be used as a public network router)
no replies because most expect you to understand tcp/ip routing and read the Wiki first. a CCR isn’t exactly a novice router.
You can not “route” an IP range like that. If you want routed public IP’s you will need to have your ISP provide you with a subnet.
But you can bridge it, and use the IP filter on the bridge. Add ports 1 and 2 to a “wan” bridge, then assign your PC the IP address and .1 as the gateway. Enable IP filter on the bridge and set rules accordingly.
HOWEVER. A better way to do this would be 1-to-1 NAT, using private IP’s on the inside LAN. Then using approiate NAT and Filter rules to keep the PC’s safe. It would also provide a much higher network throughput.
No real point in him posting a diagram, as what it wants to do cannot be done. Simply stated, the ISP router (the .1) will not route the .50 through .63 through .49. I’m assuming he has a /24 subnet, so that entire /24 will be routed through .1. If he insists on public IP’s for the other devices, a bridge is his only choice, keeping .1 as the gateway for each device.
But again, the proper, safer, and faster way is to do 1-to-1 NAT.
I have a subnet, if you pay attention you will see /28, that’s the subnet that I got from my provider.
net x.x.x.48
the gateway for the router is x.x.x.1, I know this must be possible.
this job is now done by my PFSENSE, but somehow it’s not working on mikrotik,
If i want a NAT i will just press a enable NAT, will give a basic local IP pool and make it work ( i have like hundreds of small mikrotiks all over my customers, i’m using mikrotik in a NAT for long time, however this is not meanth to be a NATed net, because the servers will be behind this router need to have public ip’s. I will use this router only and only to be able to shape the traffic.
maybe the bridge will solve it, but then it will go directly to the main gateway, if I will not find a solution as i wanted, maybe this will be the last resort to try. but for now I want the router act as a ip provider and gateway, because after this I will put there another subnet, so there will be to networks.
I have the main network connection that comes to my mikrotik, from there it must go out to 2 cables, one for me one for the other user, we both have diferent subnets / with public IP’s NO NAT!
I need to shape the traffic between us two. i get x amount up down, he get’s x amount up down.
that’s basicly only thing I will be doing for now on this router.
I’m Cisco Certified CCNA. so I have basic knowledge of networks / subnets etc…
I just need a push from a person that has mikrotik experiance.
I still hope somebody will dive in this and help me out.
I’m very sorry if I offended anybody, or made a rude move. it’s not my intention, I’m just little irritated by this little device that keeps me trying for 2 days now.
somehow it’s always same with mikrotik, they are good, but untill I get a grip on them, they will completely distroy me.
I understand. I feel the same about Cisco. MikroTik’s are must simpler and much more powerful than most think.
Like i said, post whatever screenshots that you can from the pfSense and we can get this new unit matched up to be a direct swap.
I cannot post the existing config, because there is a problem on that server, I dont have acces anymore, it’s old and that’s why we bought this mikrotik to replace it, I have made that config a long time ago with my collegue, but we are not able to get in anymore. it’s working, it’s online but not letting us in, something is corrupted I gues.
So we have connected the mikrotik to the fiber / ether switch just as pfsense is, and tried to configure just for the test the second network x.x.x.48/28, because that one is not yet in pf sense so there will be no conflict.
I know that mikrotik is very powerfull, thats the reason I bought it
mikrotik and wifi, bad experiance, but for the rest, always good experiance. I could agree that in some way they are better then cisco, but I thnk the comparison is not right, cisco is a money company their systems specially the new onse are made to milk everyone out. while others like mikrotik are new in the market and faster with more functions, I dont know if a mikrotik will work 20 years without a problem, cause cisco mostly will, but again they are 2 diferent systems, with diferent goals.
on you MikroTik do an /export compact file=config and post the resulting file.
This should be a very simple routing setup. I’d like to see what you have currently and we can correct from there.
