Hi all,
I’m not networker
I have new RB750Gr3 with latest updates and default config.
I want to have following:
ethernet port 1 - for internet, network addres to be configured by DHCP
ethernet port 2 - with static IP Address - 10.0.2.1, other hosts connected to this interface must be able to access internet through ethernet 1
ethernet port 3 - with static IP Address - 10.0.3.1, other hosts connected to this interface must be able to access internet through ethernet 1
ethernet port 4 - with static IP Address - 10.0.4.1, other hosts connected to this interface must be able to access internet through ethernet 1
ethernet port 5 - with static IP Address - 10.0.5.1, other hosts connected to this interface must be able to access internet through ethernet 1
networks connected to eth2-5 interfaces must be isolated at Level2.
I tried to remove ports from Bridge and remove bridge itself, configured addresses for interfaces, but i’m loosing connection from eth3-5 ports to routers web intefcace, also winbox is unable to connect. also there was no internet from this ports.
Please give me clear, step-by-step instructions how to achieve my goal. Winbox method is preferred, but if is necessary, i can use CLI or webfig too.
Thanks.
With the default config, now ether2 till ether5 should be added to the LAN “interface list”
Ether1 is member of the WAN interface list. And before the bridge (with all its slave ports) was member of the LAN interface list.
“interface lists” are in the second tab of “interfaces” in Winbox.
Those interface lists WAN and LAN are used in the firewall and services settings, and as such define what can be done or not.
I assume you did set up the DHCP servers for each of the eth2-eth5 interfaces. (4 DHCP servers)
You are wanting to operate very similar to my RB750Gr3 - it is strictly used as a router and all switch functions are handled by a separate switch (CSS326-24G-2S in my case). I have never had a bridge on any of my routers.
By default a router will route traffic between LANs, so you must put in firewall rules to exclude communications between LANs. Additionally you need to tell the router how each LAN reaches the internet. That will involve IP routes (most likely will get built automatically for you - as dynamic routes), and you need to specify a Source NAT so that internet traffic will work right. There is likely one already there since LAN port 2 works, however it may need to be adjusted a bit. Here is mine:
add action=masquerade chain=srcnat comment="Masquerade for cable" \
out-interface=E1-p2_Cable_Internet
What this does is tell the router to masquerade IP addresses for traffic leaving the router on my cable internet. Yes, that can be explained in more detail.
You may want to export your configuration and post it here, so we can look at what you have and how to fix it.
Yes, agreed, if you have my MTUNA certification, chapter 3 states, after understanding fully the requirements (Chp1) and the current network setup (devices, diagrams, etc) Chp 2, the next step is to understand the current configuration. One of the commandments of the certifications (rules of thumb) is, THOU SHALT NOT GUESS!!!
“I have new RB750Gr3 with latest updates and default config.”
“I want to have following”:
..etc…
Clear enough for me, I did indeed not check if those statements are true.
In the case of real default config, and the actions taken (ethernets removed from bridge), the suggestions given are the missing steps.
OP is clearly new to MKT and forum. “Posting config” will need some hints.
