Hello everyone, I am still a bit new to Mikrotik I need help . I have set up 4 networks on my router interfaces as follows:
Ether1 = WAN and it is a DHCP client network 192.168.1.0/24
Ether2 = Not configured
Ether3= DHCP network 10.20.30.0/24
Ether4= DHCP network 192.168.88.0/24
Ether5= DHCP network 172.16.0.0/24
What I essentially need is for all the networks or subnets to see each other i.e if I am connected on Ether1 I need to be able to reach IP addresses on Ether3 , 4, and 5. Can anyone please assist.
A bit difficult with the limited info supplied, might be better if you ad an IP diagram and your current config.
Mikrotik will dynamically add the routes to each subnet / interface locally, if there are routers on the other sides at any of these subnets, you might need to configure routing on those devices to access each subnet.
Also make sure your firewall allow traffic between these subnets
Ok? If I have 12 subnets. I’m very weak at this.
Can I get step by step instructions to solve this problem?
How to configure routing on those devices to access each subnet correctly?
Thanks Mechanic
They “should” be able to talk to each other as you have multiple subnets with a router inbetween them. It should route.
Have you firewalled them?
Is IP Forwarding checked in IP>Settings ?
Hi , I have attached the map of the Network below, I want to be able to connect to any of the 3 switches and reach all the other subnets on the Mikrotik , the Mikrotik is the only router in the design.
I have re-done the set up and now I can reach my networks , now I have no Internet access on any of the networks, my internet is connected on ether1 ,what could be the issue? My switches are not tagged there is no VLAN configs on them.
My config is as follows:
admin@MikroTik] > export hide-sensitive
I am confused by the diagram.
Are you saying that you are behind a router?
A WANIP of 192.168.1.x tells me that you are getting an IP from a private router already and the double nat scenario may be horrific???
In any case that should not change as indicated everything behind the router and it should work. I am just not sure if setting a DNS of google, would work in a double NAT scenario???
add name=dhcp_pool7 ranges=172.16.0.2-172.16.0.254
add name=dhcp_pool8 ranges=172.16.0.2-172.16.0.254
Not sure why you have duplicate pool ranges??? Recommend remove pool7
add interface=ether2 list=lan
Not required if not used, recommend remove?
Hopefully I am not confused, but concur, as defined, the interfaces all defined as LANS (no bridges) the interfaces should see each other at Layer 2???
I dont see routing rules but that probably means nothing here as you are looking for LAN toLAN traffic.
Seeing your FW rules will be important as you may be blocking interlan traffic somehow?
That is difficult to say without the necessary info and without knowing the symptoms you are experiencing, i.e. do you have no internet, or do you have internet but no name resolution / can’t browse?
I see no routing info from your export, my assumption is because the routes are dynamic, and you probably also received a dynamic default route via DHCP Client.
Change the following and test:
Add dns-server=8.8.8.8 under /ip dhcp-server network for each DHCP
Remove “out-interface-list=WAN” from /ip firewall nat rule action=masquerade chain=srcnat out-interface=ether1 out-interface-list=WAN
I agree with other posters, I don’t see that the interface-list definitions do anything useful. They’re certainly not necessary to the configuration as given, and should probably just be removed.
What puzzles me is the statement in your original posting about “if I am connected on ether1 I should be able to see all of the subnets.” If you (i.e., your PC) have a connection to your network on the LAN side, meaning NOT through ether1, you should be able to see all of those devices, but a connection coming in from the WAN port on ether1 is not going to see any of those devices because of the NAT barrier. It sounds like you need to better clarify what it is you’re trying to do and what it is that’s failing so we can offer better advice.
