Routing public over private between two MT Boxes

Hello,

I am trying to add a second MT router at a tower location and it is getting
really frustrating that it is not working right. We have the first MT box at the
data center; it is our gateway connection and is working just fine. When we
try to put the second box into place and route to the first MT box,
everything works, kinda. We can ping the gateway router and external Internet
from the MT box, but the clients behind the second box cannot ping the first
MT box; they can ping the rest of the first subnet but not any of the
others.

We have 3 subnets:

Subnet #1
12.X.X.0
255.255.255.192

Subnet #2
12.X.X.64
255.255.255.192
(.65-.126 usable)

Subnet #3
12.X.X.128
255.255.255.128
(.129-.254 usable)

Our ip on the data center MT box is:

[admin@MikroTik] ip address> pr
Flags: X - disabled, I - invalid, D - dynamic

ADDRESS NETWORK BROADCAST INTERFACE

0 ;;; Public (Gramtel Hand Off)
216.X.X.66/29 216.X.X.64 216.X.X.71 public
1 ;;; Private Internet NAT Pool
10.3.1.1/24 10.3.1.0 10.3.1.255 private
2 12.X.X.8/26 12.X.X.0 12.X.X.63 private
3 ;;; Local (Wireless Hand Off)
12.X.X.1/26 12.X.X.0 12.X.X.63 private
4 12.X.X.65/26 12.X.X.64 12.X.X.127 private
5 12.X.X.129/25 12.X.X.128 12.X.X.255 private
6 10.2.1.1/24 10.2.1.0 10.2.1.255 private
7 10.4.1.1/24 10.4.1.0 10.4.1.255 private
8 192.168.0.1/24 192.168.0.0 192.168.0.255 private

With routing table of:

[admin@MikroTik] ip route> pr
Flags: X - disabled, I - invalid, D - dynamic, J - rejected,
C - connect, S - static, r - rip, o - ospf, b - bgp

DST-ADDRESS G GATEWAY DISTANCE INTERFACE

0 S 0.0.0.0/0 r 216.X.X.70 1 public
1 S 192.168.1.0/24 r 192.168.0.2 1 private
2 DC 216.X.X.64/29 r 0.0.0.0 0 public
3 DC 192.168.0.0/24 r 0.0.0.0 0 private
4 DC 12.X.X.128/25 r 0.0.0.0 0 private
5 DC 12.X.X.64/26 r 0.0.0.0 0 private
6 DC 12.X.X.0/26 r 0.0.0.0 0 private
7 DC 10.4.1.0/24 r 0.0.0.0 0 private
8 DC 10.3.1.0/24 r 0.0.0.0 0 private
9 DC 10.2.1.0/24 r 0.0.0.0 0 private



BOX 2 (The problem box)

Flags: X - disabled, I - invalid, D - dynamic

ADDRESS NETWORK BROADCAST INTERFACE

0 12.X.X.4/26 12.X.X.0 12.X.X.63 WAN
1 X 10.4.1.2/24 10.4.1.0 10.4.1.255 WAN
2 X 10.5.1.1/24 10.5.1.0 10.5.1.255 WAN
3 192.168.0.2/24 192.168.0.0 192.168.0.255 WAN
4 12.X.X.67/26 12.X.X.64 12.X.X.127 LOCAL



Routes:

Flags: X - disabled, I - invalid, D - dynamic, J - rejected,
C - connect, S - static, r - rip, o - ospf, b - bgp

DST-ADDRESS G GATEWAY DISTANCE INTERFACE

0 S 0.0.0.0/0 r 192.168.0.1 1 WAN
r 12.96.250.1 WAN
1 S 12.X.X.128/25 r 192.168.0.1 1 WAN
2 DC 192.168.0.0/24 r 0.0.0.0 0 WAN
3 DC 12.X.X.64/26 r 0.0.0.0 0 LOCAL
4 DC 12.X.X.0/26 r 0.0.0.0 0 WAN

Anyone see why this is not working right?



Thanks,

John

Hi,

Yes, I can see a problem with your routes. It is not on the 2nd box though; it is on your 1st. Based on what you have shown here, the only IPs that can be used on your second box are the 192.168.1.0 range, as those are the only ones that are routed there.

1 S 192.168.1.0/24 r 192.168.0.2 1 private

It appears that you want to use the 12.X.X.64/26 range of IPs for the clients that connect to the second box?

3 DC 12.X.X.64/26 r 0.0.0.0 0 LOCAL

If that is correct, then you need to add a static route on the 1st box to reflect that, so the route would look like

1 S 12.X.X.64/26 r 192.168.0.2 1 private

and then remove the 12.X.X.65/26 IP off the 1st box and add it to the second box. That will then become your gateway for the clients connecting to the second box.

Hope this helps


Regards
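
An added example, not part of either post: a longest-prefix-match lookup over box 1's routing table as printed in the question, before and after the change the reply describes. The 198.51.100.x and 203.0.113.x addresses are constructed stand-ins for the masked 12.X.X.x and 216.X.X.x prefixes, and the function names are hypothetical.

```python
import ipaddress

# Constructed stand-ins for the masked prefixes in the thread:
# 198.51.100.x replaces 12.X.X.x, 203.0.113.x replaces 216.X.X.x.
# Each entry: (destination, gateway or None for a connected route, interface)
BOX1_BEFORE = [
    ("0.0.0.0/0", "203.0.113.70", "public"),
    ("192.168.1.0/24", "192.168.0.2", "private"),
    ("203.0.113.64/29", None, "public"),
    ("192.168.0.0/24", None, "private"),
    ("198.51.100.128/25", None, "private"),
    ("198.51.100.64/26", None, "private"),
    ("198.51.100.0/26", None, "private"),
    ("10.4.1.0/24", None, "private"),
    ("10.3.1.0/24", None, "private"),
    ("10.2.1.0/24", None, "private"),
]


def apply_reply_fix(routes):
    """Model the reply's change: the .65/26 address leaves box 1, so its
    connected route disappears, and a static route via box 2 replaces it."""
    kept = [r for r in routes if r[0] != "198.51.100.64/26"]
    return kept + [("198.51.100.64/26", "192.168.0.2", "private")]


def lookup(routes, dst):
    """Return the (prefix, gateway, interface) entry with the longest match."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in ipaddress.ip_network(r[0])]
    return max(matches, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)


def describe(routes, dst):
    """Human-readable forwarding decision for one destination."""
    prefix, gateway, iface = lookup(routes, dst)
    how = f"via {gateway}" if gateway else "on-link (ARP directly)"
    return f"{dst} -> {prefix} {how} on {iface}"


if __name__ == "__main__":
    client = "198.51.100.70"  # constructed client address behind box 2
    print("before:", describe(BOX1_BEFORE, client))
    print("after: ", describe(apply_reply_fix(BOX1_BEFORE), client))
```

Before the change, box 1 treats the client as directly attached to its own private interface and never hands the packet to 192.168.0.2; afterwards the same lookup forwards it to box 2.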