Hi, I need to route a block of addresses to another mikrotik that is authorized , that is behind a hotspot. When I do this, and go to “showmemyip.com” (connected to ether2) it show the address that is authorized on the ether1-gateway not the address that I have routed to ether2. I have but the gateway of this new block of addresses on ether2. Is there a way of doing this, or is the hotspot going to break this. I was thinking of running a VLAN around the hotspot, but don’t have a clue how to do this without breaking a running system. I have delivered address blocks to a remote device before by making a EOIP tunnel thru the hotspot, and then bridging the EOIP tunnel to the ether2 interface, which is not what I like doing.
Simply route the block to the IP of the device you want to provide them on and ensure you add (if you’re using nat) an allow rule for that range ensuring it won’t get natted as it passes out over the hotspot router.
That is one of the problems I see is it is being Natted. I have static address for devices inside hotspot, and nat, for DHCP customers. Where do I put this rule to allow this to past thru, is this under nat, or Mangle, or filter. What is an example of this rule.
That didn’t work for me. I didn’t mention that I do have to different hotspots on this mikrotik. One feeding on ether3, and the one that I want it to go out, is ether2. So I also tried setting the out interface to ether2 to help direct it, but that didn’t help.
Here is the basic picture of what I have, and the command that I have in place to make this work, (well I think it should work) but it doesn’t route.
On core Cisco router, xxx.xxx.155.1
I put.
ip route xxx.xxx 170.0 255 255 255.0 xxx.xxx.155.14 (points class c to hotspot, for devices, and I can get to these)
ip route xxx.xxx.174.64 255.255.255.224 xxx.xxx.170.11 (routes block of addresses to far out route, doesn’t route)
on hotspot xxx.xxx.155.14 I put
add address=172.20.32.1/21 comment=“hotspot network” disabled=no interface=“ether2-Mt Meadows” network=172.20.32.0
(dhcp natted block)
add address=xxx.xxx.170.1/24 comment=“device static addresses” disabled=no interface=“ether2-Mt Meadows” network=xxx.xxx.170.0 (static address block, one of these is what I am trying to route to.)
add action=accept chain=srcnat comment=“bypass for xxx.xxx.174.64/27” disabled=no out-interface=“ether2-Mt Meadows” src-address=xxx.xxx.174.64/27
(it is authorized device, via radius manager, and I can get to it from the outside world)
On mikrotik RB-450G (xxx.xxx.170.11 )that I am routing to that is behind xxx.xxx.155.14 hotspot
I put
add address=xxx.xxx.170.11/24disabled=no interface=ether1-gateway network=xxx.xxx.170.0 (base address of device) I can get to this.
add address=xxx.xxx.174.65/27 disabled=no interface=ether2-customer network=xxx.xxx.174.64 (gateway of routed address)
This address block doesn’t route to ether2.
Do you see anything that I am doing wrong, to keep these from routing.