RB951G-2HnD connecting two networks

Uros · January 7, 2014, 4:26am

Hello

I have an RB951G-2HnD MikroTik router running RouterOS 5.25.

This is my current simple router setup:

INTERFACES:
Flags: D - dynamic, X - disabled, R - running, S - slave 
 #     NAME    TYPE               MTU L2MTU  MAX-L2MTU
 0  X  ether1  ether             1500  1598       4074
 1  R  ether2  ether             1500  1598       4074
 2  X  ether3  ether             1500  1598       4074
 3  R  ether4  ether             1500  1598       4074
 4  X  ether5  ether             1500  1598       4074
 5  X  wlan1 

IP ADDRESSES:
Flags: X - disabled, I - invalid, D - dynamic 
 #   ADDRESS            NETWORK         INTERFACE                                                                                                                                            
 0   10.0.0.175/24      10.0.0.0        ether2                                                                                                                                               
 1   192.168.0.1/24     192.168.0.0     ether4   

IP ROUTES:
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADC  10.0.0.0/24        10.0.0.175      ether2                    0
 1 ADC  192.168.0.0/24     192.168.0.1     ether4                    0

Only two interfaces are active, ether2 and ether4 each connected to a different network.
I tried to ping different computers on both networks from the router and it works just fine (eg. I can ping computers 10.0.0.4 and 192.168.0.2).

But I can’t ping computers in 10.0.0.0/24 from 192.168.0.0/24. For example, my computer is in the 192.168.0.0/24 network and it set up like this:
IP address: 192.168.0.2/24
Default gateway: 192.168.0.1

From my computer, I CAN ping 10.0.0.175, which is the IP address of the ether2 port, but I CANNOT ping 10.0.0.4 or any other computer connected to that network.
Is there anything else I should set up for this to work?

Rudios · January 7, 2014, 9:36am

Check the gateway settings on the devices connected to the 10.0.0.0/0 network.
They should have 10.0.0.175. If not, set them to make it work.

Uros · January 7, 2014, 6:57pm

Thanks a lot! I’ve been trying to crack this one for days.
I can’t change the gateway on the devices on 10.0.0.0/24, because I’m not the administrator of that network, but setting up NAT on my MikroTik router did the trick.

Rudios · January 8, 2014, 7:59am

NAT is also a possibility

dkirwan · February 3, 2014, 5:25am

Hi All,

I have the same problem with you guys, may i know how do trick on the NAT?

Thx

deejayq · February 3, 2014, 10:46am

chain src-nat action masquerade out via ether2

dkirwan · February 4, 2014, 8:27am

thx deejayq for your information, I’ve forgot to mention, I have internet connection on port1 and already masquerade the out via port1, do i need to have add another masquerade entries?

so actually my configuration is:
port 1: internet
port 2: ip 192.168.10.xxx/24
port 3: ip 10.15.165.xxx/24

thx again

deejayq · February 5, 2014, 1:06pm

yes of course, set the first masquerading rule out via ether 1 so that your internet will work
set the second masquerading rule out via the interface on which the mikrotik router is not the gateway.

dkirwan · February 5, 2014, 4:33pm

Got it, it’s working now, but I have another issue with the routing, right now I have two next hop on my routing table, the first one is goes to the port 3 ip gateway and the second hop is internet gateway, If I go to internet using client PC on network 192.168.10.xxx sometime is can’t get through, i try to ping google, it came out with RTO and some time is connected. after I tried to trace route google on winbox terminal, it always try to get the first-hop first, did miss I something here, maybe the distance or the scope?

Thx