Hi All,
I’ve got a fairly simple connection through AT&T’s OPT-E-Man network. We have 5 incoming VLAN’s from our remote sites and 1 VLAN set to route all traffic out. I can get reachable status on the Routes page to all VLAN’s and can even ping/tracert fine from the router. But nothing on the LAN can ping anything on the internet. I can ping everything on that LAN, and all remote sites via their own VLAN connections, just can’t get out. I’ll attach my configuration below. I added additional routes after backing up this configuration for the local VLAN’s, so those won’t show up below.
Eth1 is the LAN due to the fact that once settings are working properly I’ll move Eth2(WAN) settings to the SFP1 port and connect to new equipment in place for an AT&T ASE upgrade.
Thank you in advance…I’m at a total loss here and school starts Wednesday, so I’m running out of time.
[admin@MikroTik] > export
aug/19/2016 06:12:35 by RouterOS 6.36
software id = KEL2-2UT0
/interface ethernet
set [ find default-name=ether1 ] comment=LAN
set [ find default-name=ether2 ] auto-negotiation=no full-duplex=no
set [ find default-name=sfp-sfpplus1 ] auto-negotiation=no comment=WAN
disabled=yes speed=1Gbps
set [ find default-name=sfp-sfpplus2 ] auto-negotiation=no speed=1Gbps
/ip neighbor discovery
set ether1 comment=LAN
set sfp-sfpplus1 comment=WAN
/interface vlan
add interface=ether2 name=BKS_VLAN vlan-id=62
add interface=ether2 name=HV_VLAN vlan-id=65
add interface=ether2 name=MA_VLAN vlan-id=63
add interface=ether2 name=MCOE_VLAN vlan-id=61
add interface=ether2 name=WH_VLAN vlan-id=60
add interface=ether2 name=WT_VLAN vlan-id=64
/ip pool
add name=dhcp_pool1 ranges=10.96.80.100-10.96.87.254
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=ether1 name=dhcp1
/queue simple
add max-limit=100M/100M name=queue1 target=“”
/queue type
add kind=pcq name=VLAN_61 pcq-classifier=dst-address pcq-dst-address6-mask=64
pcq-rate=50k pcq-src-address6-mask=64
/ip address
add address=10.96.80.1/21 comment=LAN interface=ether1 network=10.96.80.0
add address=XXX.XXX.XXX.XX/28 comment=WAN interface=MCOE_VLAN network=
XXX.XXX.XXX.XX
add address=192.141.35.1/24 interface=WH_VLAN network=192.141.35.0
add address=192.141.81.1/24 interface=BKS_VLAN network=192.141.81.0
add address=192.141.82.1/24 interface=MA_VLAN network=192.141.82.0
add address=192.141.83.1/24 interface=WT_VLAN network=192.141.83.0
add address=192.141.80.1/24 interface=HV_VLAN network=192.141.80.0
/ip dhcp-server network
add address=10.96.80.0/21 dns-server=10.96.80.2,8.8.4.4 gateway=10.96.80.1
netmask=21
/ip dns
set allow-remote-requests=yes servers=8.8.4.4,8.8.8.8
/ip dns static
add address=10.96.80.2 name=DO_DNS
/ip firewall nat
add action=masquerade chain=srcnat log-prefix=“” out-interface=ether2
/ip route
add distance=1 gateway=XXX.XXX.XXX.XX
add distance=1 dst-address=10.96.88.0/21 gateway=192.141.80.2
/ip traffic-flow
set enabled=yes
/system clock
set time-zone-name=America/Los_Angeles
/system routerboard settings
set cpu-frequency=1200MHz memory-frequency=1066DDR
[admin@MikroTik] >