problems figuring out dhcp rules and ip address change

Tahlskog · May 2, 2020, 9:43am

Hello, kinda new to configuring networks, and now I have run into some issues…

So i have a separate cable modem set to bridge mode, and its IP address is set as 192.168.0.1 with an active DHCP server giving addresses in the range of 192.168.0.2…254, and I cant change it without loosing access to the modems HMI. This is then connected to a Mikrotik Routerboard on its first ethernet port. The router also has the same IP address 192.168.0.1 and i suspect this is not a good way of having it since there is probably gonna be some kind of IP conflict? i would prefer to have them on separate subnets(good practice?), as in one on 192.168.1.xxx and other on 192.168.0.xxx

So what I have been trying to do is to change the Routerboards IP address to 192.168.1.1 and its DHCP to give out addresses in the 192.168.1.2-254 range. but as soon as i change the DHCP server rule my computer looses internet access. Also my own computer does not get a new address in the 192.168.1.xxx range, it stays in the 192.168.0.xxx range. So i can still access the router at 192.168.0.1 but internet connection is lost.

i added some pictures from the Routerboards setup.
router ip address.png
dhcp server rule.png
dhcp server rule2.png
interface list.png

mkx · May 2, 2020, 10:08am

For changing IP config on router, use winbox with MAC connectivity … when winbox is started, click MAC address of your router in the “discovered devices” tab. This was changing router’s IP settings won’t break managmenet connection.

Re. IP addressing: as I can see, you’re currently receiving public IP address via DHCP on ether1 port … meaning that you can’t use DHCP client to get IP address allowing you to connect to modem’s management. You’ll have to do it manuially by assigning IP address to ether1, e.g.

/ip address add address=192.168.0.2/16 interface=ether1

. But only do it after you change internal LAN addressing. In addition, you’ll probably have to change the SRC-NAT rule you have in /ip firewall nat … or rather add another one. What adition/change is actually used depends on how it’s done at the moment.

Tahlskog · May 2, 2020, 10:53am

Will the NAT masquerade/firewall still work even if all devices are in the same subnet? i thought with my limited knowledge, that the cablemodem which is in bridge mode just letting everything from the internet straight through, should perhaps be in a different network?

this is the current firewall setup.

mkx · May 2, 2020, 1:05pm

I thought my message was clear: change IP addressing of your LAN. Verify that everything works with new IP addresses. Only then add address to router which will allow it to communicate with modem.

As to the src-nat rule: it might actually work as it is. We’ll think about it when we determine necessity for doing it.