configuration per request
[admin@CPE-Goedicke] /partitions> print
Flags: A - active, R - running
NAME FALLBACK-TO VERSION SIZE
0 AR part0 next RouterOS v6.48.3 May/25/2021 06... 128MiB
[admin@CPE-Goedicke] /partitions> /
[admin@CPE-Goedicke] > export
aug/18/2021 04:37:19 by RouterOS 6.48.3
software id = HI9F-MTQT
model = 2011iLS
serial number = 608304A0B1A6
# Two bridges, LAN-B and LVRM-B, each with fast-forward off and bridge
# priority 0x4000. Their member ports are assigned under /interface bridge port.
/interface bridge
add fast-forward=no name=LAN-B priority=0x4000
add fast-forward=no name=LVRM-B priority=0x4000
# Ports are renamed by role. eth1-eth5 are set to speed=100Mbps; eth6-eth9
# advertise every rate from 10M-half to 1000M-full; eth10-POE-R omits 10M-half.
# eth10-POE-R is the port that both the PPPoE client and the DHCP client in
# this export are bound to, i.e. the upstream-facing port.
/interface ethernet
set [ find default-name=ether1 ] name=eth1 speed=100Mbps
set [ find default-name=ether2 ] name=eth2-LAN speed=100Mbps
set [ find default-name=ether3 ] name=eth3-LAN speed=100Mbps
set [ find default-name=ether4 ] name=eth4-LAN speed=100Mbps
set [ find default-name=ether5 ] name=eth5-LAN speed=100Mbps
set [ find default-name=ether6 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=eth6-LVRM
set [ find default-name=ether7 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=eth7-LVRM
set [ find default-name=ether8 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=eth8-LVRM
set [ find default-name=ether9 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=eth9-LVRM
set [ find default-name=ether10 ] advertise=10M-full,100M-half,100M-full,1000M-half,1000M-full name=eth10-POE-R
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
# The default IPsec proposal is limited to aes-128-cbc. No IPsec peer or policy
# appears in the part of the export shown here.
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=aes-128-cbc
# One address pool per bridge subnet (.10-.200 in each /24).
/ip pool
add name=LAN-POOL ranges=192.168.1.10-192.168.1.200
add name=LVRM-POOL ranges=192.168.2.10-192.168.2.200
# One DHCP server per bridge, each handing out 8h10m leases from its pool.
/ip dhcp-server
add address-pool=LAN-POOL always-broadcast=yes authoritative=after-2sec-delay disabled=no interface=LAN-B lease-time=8h10m
name=LAN-dhcp
add address-pool=LVRM-POOL authoritative=after-2sec-delay disabled=no interface=LVRM-B lease-time=8h10m name=LVRM-dhcp
# PPP profile used by the PPPoE client; it names ipv6Pool, the same pool name
# the DHCPv6 client further down is told to create.
/ppp profile
add change-tcp-mss=yes dhcpv6-pd-pool=ipv6Pool name=PPPoE use-encryption=yes
# PPPoE client on eth10-POE-R; it installs the default route.
# NOTE(review): the user= and password= values below are printed in clear
# because the export was taken without the hide-sensitive option. Once a
# config like this has been posted, the PPPoE credential should be treated as
# exposed and changed with the provider; use "export hide-sensitive" for
# anything that leaves the router. The export header also publishes the
# serial number and software id.
# NOTE(review): allow=pap,chap permits PAP, which sends the password to the
# access concentrator unencrypted. If the provider supports CHAP, allow=chap
# alone avoids that - confirm with the provider before changing.
/interface pppoe-client
add add-default-route=yes allow=pap,chap default-route-distance=0 interface=eth10-POE-R keepalive-timeout=60 max-mru=1480
max-mtu=1480 mrru=1600 name=pppoe-client password=D5Qge28k profile=PPPoE user=Ppgoedicke
# The default SNMP community accepts queries from any source (0.0.0.0/0).
# NOTE(review): no "/snmp set enabled=yes" line appears in this export, so the
# SNMP agent is presumably off. If it is ever enabled, narrow addresses= and
# replace the default community first.
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0
# eth2-eth5 join LAN-B and eth6-eth9 join LVRM-B, all with hw=no (bridge
# hardware offload off). eth1 and eth10-POE-R are not bridged.
/interface bridge port
add bridge=LAN-B hw=no interface=eth3-LAN
add bridge=LAN-B hw=no interface=eth2-LAN
add bridge=LAN-B hw=no interface=eth4-LAN
add bridge=LAN-B hw=no interface=eth5-LAN
add bridge=LVRM-B hw=no interface=eth6-LVRM
add bridge=LVRM-B hw=no interface=eth7-LVRM
add bridge=LVRM-B hw=no interface=eth8-LVRM
add bridge=LVRM-B hw=no interface=eth9-LVRM
# Neighbor discovery runs on every interface that is not in the built-in
# "dynamic" list.
# NOTE(review): that presumably includes the upstream port eth10-POE-R, which
# would announce the router's identity, model and version to the provider
# segment. No /interface list entries are defined in this export; creating a
# LAN-only list and pointing discover-interface-list at it would confine
# discovery to the two bridges.
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
# Detect Internet is applied to all interfaces, LAN and WAN alike.
# NOTE(review): nothing else in this export depends on it; consider setting
# both lists to none unless the feature is actually used.
/interface detect-internet
set detect-interface-list=all lan-interface-list=all
# Router addresses: .1 on each bridge subnet.
/ip address
add address=192.168.1.1/24 interface=LAN-B network=192.168.1.0
add address=192.168.2.1/24 interface=LVRM-B network=192.168.2.0
# A DHCP client is enabled on eth10-POE-R, the same physical port the PPPoE
# client uses.
# NOTE(review): if PPPoE is the only intended uplink, this client lets any DHCP
# server on that segment hand the router an address (and, with default client
# settings, a route and DNS servers) - confirm it is needed.
/ip dhcp-client
add !dhcp-options disabled=no interface=eth10-POE-R
/ip dhcp-server config
set store-leases-disk=12h5m
# Both subnets are given the same external DNS and NTP servers and the domain
# goedicke.us; each uses the router's bridge address as gateway.
/ip dhcp-server network
add address=192.168.1.0/24 dns-server=66.119.48.2,66.119.48.3 domain=goedicke.us gateway=192.168.1.1 netmask=24 ntp-server=
66.119.48.8,66.119.48.99
add address=192.168.2.0/24 dns-server=66.119.48.2,66.119.48.3 domain=goedicke.us gateway=192.168.2.1 netmask=24 ntp-server=
66.119.48.8,66.119.48.99
# Static address lists used by the filter and NAT rules in this export:
#   services   - sources the input chain accepts unconditionally.
#   Thosts     - sources allowed past the final input drop; contains four
#                external hosts and 192.168.1.0/24, but not 192.168.2.0/24.
#   RFC1918    - the three private ranges; no rule shown here references it.
#   Local-Addr - both bridge subnets; referenced by the masquerade rule.
# The filter rules also use blacklist, stage1, stage2 and stage3, which are
# filled dynamically, and "trusted", which has no entries defined here.
/ip firewall address-list
add address=66.119.48.2 list=services
add address=66.119.48.3 list=services
add address=66.119.48.4 list=services
add address=66.119.48.98 list=services
add address=66.119.48.99 list=services
add address=66.119.48.28 list=services
add address=66.119.48.10 list=services
add address=66.119.48.80 list=services
add address=66.119.48.175 list=services
add address=66.119.48.175 list=Thosts
add address=66.119.48.10 list=Thosts
add address=66.119.48.80 list=Thosts
add address=66.119.48.2 list=Thosts
add address=10.0.0.0/8 list=RFC1918
add address=172.16.0.0/12 list=RFC1918
add address=192.168.0.0/16 list=RFC1918
add address=192.168.1.0/24 list=Thosts
add address=192.168.1.0/24 list=Local-Addr
add address=192.168.2.0/24 list=Local-Addr
# IPv4 filter. Rules are evaluated top to bottom; a chain with no final drop
# accepts whatever reaches its end.
/ip firewall filter
# Input: accept established and related traffic first. The comment mentions
# "limited icmp", but no ICMP rule is present in this chain.
add action=accept chain=input comment="Allow established, related, limited icmp" connection-state=established
add action=accept chain=input connection-state=related
# Drop new traffic from blacklisted sources. Because this sits after the two
# accepts above, a connection that is already established is not cut off when
# its source is added to the blacklist.
add action=drop chain=input comment="Block blacklisted" src-address-list=blacklist
# Staged blacklist for new TCP connections to ports 21-23, 1433 and 8291:
# each further attempt while the source is still listed promotes it
# stage1 (1m) -> stage2 (2m) -> stage3 (2m) -> blacklist (1w). The rules are
# ordered highest stage first so one packet advances at most one stage.
# NOTE(review): the only exemption is dst-address-list=!trusted on the stage1
# rule. It tests the destination, not the source, and no "trusted" entries are
# defined in this export, so it presumably matches every packet. As written,
# hosts in Thosts and services (including the whole 192.168.1.0/24 LAN) can
# blacklist themselves for a week by reconnecting to SSH or Winbox a few times.
# The lists are also built from unverified SYN source addresses, so entries
# can be forged. src-address-list=!Thosts was probably intended - confirm.
add action=add-src-to-address-list address-list=blacklist address-list-timeout=1w chain=input connection-state=new dst-port=
21-23,1433,8291 protocol=tcp src-address-list=stage3
add action=add-src-to-address-list address-list=stage3 address-list-timeout=2m chain=input connection-state=new dst-port=
21-23,1433,8291 protocol=tcp src-address-list=stage2
add action=add-src-to-address-list address-list=stage2 address-list-timeout=2m chain=input connection-state=new dst-port=
21-23,1433,8291 protocol=tcp src-address-list=stage1
add action=add-src-to-address-list address-list=stage1 address-list-timeout=1m chain=input connection-state=new
dst-address-list=!trusted dst-port=21-23,1433,8291 protocol=tcp
# NOTE(review): despite the comment, this accepts any UDP packet addressed to
# 255.255.255.255 on any interface, upstream included; there is no port or
# in-interface match. The next rule likewise accepts every broadcast.
add action=accept chain=input comment="Allow winbox local" dst-address=255.255.255.255 protocol=udp
add action=accept chain=input comment="Make broadcast work" dst-address-type=broadcast
# Everything from the services list is accepted, any protocol and port.
add action=accept chain=input src-address-list=services
# Log, then drop, anything whose source is not in Thosts. Sources in Thosts
# fall off the end of the chain and are accepted. 192.168.2.0/24 is not in
# Thosts, so LVRM-B clients cannot reach the router itself except by broadcast.
add action=log chain=input src-address-list=!Thosts
add action=drop chain=input src-address-list=!Thosts
# Forward: the first rule already covers related, so the second is redundant.
# There is no rule dropping connection-state=invalid.
add action=accept chain=forward connection-state=established,related
add action=accept chain=forward connection-state=related
# Drop TCP and UDP 134-139 and 445 in either direction.
add action=drop chain=forward comment="Block Microsoft networking" dst-port=134-139,445 protocol=tcp
add action=drop chain=forward dst-port=134-139,445 protocol=udp
# NOTE(review): this final drop is disabled=yes, so the forward chain has no
# default deny: anything other than the ports above is forwarded, including
# new connections arriving from upstream. Even when enabled it matches only
# in-interface=pppoe-client, not traffic arriving directly on eth10-POE-R.
add action=drop chain=forward comment="Drop all else" disabled=yes in-interface=pppoe-client log=yes
# Source NAT.
# NOTE(review): the masquerade rule matches out-interface=eth10-POE-R and
# src-address=192.168.1.0/24 only. Traffic that leaves through the
# pppoe-client interface (which installs the default route) would presumably
# not match, and 192.168.2.0/24 is excluded by src-address even though it is
# in Local-Addr - confirm this is intended.
/ip firewall nat
add action=masquerade chain=srcnat out-interface=eth10-POE-R src-address=192.168.1.0/24 src-address-list=Local-Addr
# Exempt traffic between 192.168.1.197 and 192.168.2.118 from source NAT.
# These sit after the masquerade rule, so they only take effect for packets
# the masquerade rule did not already match.
add action=accept chain=srcnat connection-type="" dst-address=192.168.2.118 src-address=192.168.1.197
add action=accept chain=srcnat dst-address=192.168.1.197 src-address=192.168.2.118
# telnet, ftp, www, api and api-ssl are turned off.
# NOTE(review): ssh and winbox are not listed, so they presumably keep their
# defaults (enabled, no address= restriction). Access to them is limited only
# by the firewall input chains; setting address= on both services would add a
# second layer that applies to IPv4 and IPv6 alike.
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set api disabled=yes
set api-ssl disabled=yes
# NOTE(review): allow-none-crypto=yes lets an SSH client negotiate the "none"
# cipher, which leaves the session, including the login, unencrypted.
# forwarding-enabled=remote lets any account that can log in use the router
# for remote port forwarding. Unless something depends on these, prefer
# allow-none-crypto=no, strong-crypto=yes and forwarding-enabled=no.
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
# Each bridge takes an EUI-64 address from ipv6Pool. The two "address pool
# error" lines are diagnostics printed by the export, not commands: ipv6Pool
# did not exist when the export ran, presumably because it is created by the
# DHCPv6 client below only after a prefix has been delegated.
/ipv6 address
address pool error: pool not found: ipv6Pool (4)
add eui-64=yes from-pool=ipv6Pool interface=LAN-B
address pool error: pool not found: ipv6Pool (4)
add eui-64=yes from-pool=ipv6Pool interface=LVRM-B
# Request a delegated prefix over the PPPoE link, store it as ipv6Pool and
# install an IPv6 default route.
/ipv6 dhcp-client
add add-default-route=yes interface=pppoe-client pool-name=ipv6Pool request=prefix
# IPv6 filter. ICMP-J is a custom chain that accepts the listed ICMPv6
# type:code ranges: 1-4 errors, 128/129 echo, 130-132 and 143 multicast
# listener messages, 133-136 neighbor discovery, 141/142 inverse ND,
# 148/149 certification path, 151-153 multicast router discovery.
/ipv6 firewall filter
add action=accept chain=ICMP-J icmp-options=1:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=2:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=3:0-1 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=4:0-2 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=128:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=129:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=130:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=131:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=132:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=133:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=134:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=135:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=136:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=141:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=142:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=143:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=148:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=149:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=151:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=152:0-255 protocol=icmpv6
add action=accept chain=ICMP-J icmp-options=153:0-255 protocol=icmpv6
# Type 137 (redirect) is the only ICMPv6 type explicitly dropped.
add action=drop chain=ICMP-J icmp-options=137:0-255 protocol=icmpv6
# NOTE(review): this jump is the only rule in the IPv6 input chain. A packet
# that ICMP-J neither accepts nor drops returns here, finds no further rule
# and is accepted. Nothing therefore limits IPv6 access to the router's own
# services, unlike the IPv4 input chain, which ends in a drop for sources
# outside Thosts. The input chain needs an accept for established/related, an
# accept for the two bridges and a final drop.
add action=jump chain=input jump-target=ICMP-J
add action=jump chain=forward jump-target=ICMP-J
# NOTE(review): established/related is accepted for TCP only. UDP replies
# arriving on pppoe-client (DNS answers, for example) reach the final drop;
# removing protocol=tcp from these two rules would cover all protocols.
add action=accept chain=forward connection-state=established protocol=tcp
add action=accept chain=forward connection-state=related protocol=tcp
# Outbound from either bridge is accepted for TCP and UDP when the source port
# is 1025-65535.
add action=accept chain=forward in-interface=LAN-B protocol=tcp src-port=1025-65535
add action=accept chain=forward in-interface=LVRM-B protocol=tcp src-port=1025-65535
add action=accept chain=forward in-interface=LAN-B protocol=udp src-port=1025-65535
add action=accept chain=forward in-interface=LVRM-B protocol=udp src-port=1025-65535
# NOTE(review): these drops come after the bridge accepts above, so outbound
# connections to 134-139/445 from a high source port are already accepted
# before they get here. Move them above the accepts if the block is meant to
# apply to LAN-originated traffic.
add action=drop chain=forward dst-port=134-139,445 protocol=tcp
add action=drop chain=forward dst-port=134-139,445 protocol=udp
# Disabled template for publishing a LAN server on TCP 80.
add action=accept chain=forward comment="Change for Servers on LAN" disabled=yes dst-port=80 in-interface=pppoe-client
protocol=tcp
# "pppoe-client not ready" is an export diagnostic for the rule that follows:
# the PPPoE interface was not up when the export ran. The rule drops
# everything else arriving on pppoe-client.
pppoe-client not ready
add action=drop chain=forward in-interface=pppoe-client
# Router advertisements: the default (all-interface) entry is disabled and one
# entry per bridge is added with the managed and other-configuration flags
# set, which tells clients to use DHCPv6.
# NOTE(review): no /ipv6 dhcp-server section appears in this export - confirm
# clients can actually obtain addresses and DNS this way.
/ipv6 nd
set [ find default=yes ] advertise-dns=no disabled=yes
add hop-limit=64 interface=LAN-B managed-address-configuration=yes other-configuration=yes
add hop-limit=64 interface=LVRM-B managed-address-configuration=yes other-configuration=yes
/system clock
set time-zone-name=America/Los_Angeles
/system identity
set name=CPE-Goedicke
# A disk logging rule for the pppoe topic exists but is disabled, so PPPoE
# events are not being written to disk by this rule.
/system logging
add action=disk disabled=yes topics=pppoe