hello everyone, recently I have a problem that I can’t overcome.
I created a network between me and my 2 neighbors…
I’ll start by saying that I’m a mikrotik lhg antenna installer for a company.
I’m doing this for me and my neighbors.
my connection is starlink (router 192.168.1.1/24 and dhcp), it enters wan on my rb2011.
rb2011 acts as an unmanaged switch (only bridged all ports).
lan 1 - mercusys mesh (AP not router)
lan 2 - mikrotik groove (ap bridge)
lan 3 - another mesh
lan 4 - another mesh
lan 5,6,7,8,9 - tv and other home devices
lan 10 - poe ubiqiti ap for garden
connected to the grove we have 2 lhg (station bridge)
all these devices are configured with ip 192.168.1.x/24
only groove and lhg have rules that do not allow traffic between them for privacy.
I wanted to change the IP from Groove onwards but I tried with a Mikrotik HAP and if I put a different IP (eg: 192.168.10.x/24) I can’t get internet on the device (HAP like LHG etc.)
I hope I explained my problem well, I will definitely have to reconfigure everything from scratch but I hope to understand the problem so I can intervene because everything seems to work well, the internet works very well but sometimes disconnections occur as if there were IP conflicts between the networks..
While, this is pretty simple to get started. The issue is your customers would have a “double NAT” (i.e. the remote/customer LHG do NAT, and starlink router do another NAT). This doesn’t matter for most web traffic, but stuff like real-time games and hosting servers may not like the double NAT. Nowadays, most apps deal with double NAT… since most cellular networks are similar restricted (via CGNAT but same concept) so modern things generally deal with it.
The only non-default be is opening open the winbox or webfig port on “WAN” (which is really just your starlink LAN) in /ip/firewall/filter, if you wanted to be able configure the LHG remotely. I believe you can open use “Port Forwarding” button is SOME QuickSet modes to this for 8291 or 443 or 22 etc. for management. And you’d use the starlink LAN IP assigned to remote router (which is WAN on remote), to access the remote router from your “backbone” (starlink LAN).
Beyond this kinda setup, you’d have all same choices in topology as other WISP - which generally devotes into “bridging vs routing” decisions. For example, a more routed topology here be to enable “bypass mode” on your startlink (and ideally add a static IP in your account)… so the RB2011 get one IP from starlink so you even map ports (to avoid a double NAT). But this might get more complex especially if starting from a limited RouterOS and/or IP routing experience… Thus idea here be “use defaults” which mainly work if you’re okay with a “double NAT” for your customers.