Hi there…
There is MT(RB2011 series) as main router with 2 separate LAN subnets(clients) sharing same internet connection.
Both subnets 192.168.20.x and 192.168.30.x are separated from each other using simple firewall rule dropping packets between subnets.
Subnet 20.x has a bridge with some slave ports, 30.x has one dedicated port with internal wifi router in between.
Now… Here comes surveillance infrastructure (IP cameras and recorders also behind another low-end internal router working on a subnet 2.x) .
From now on surveillance hardware needs to be accessed from both “main” subnets.
First I think it would be best to get rid of non-mikrotik routers. Then I thought some VLAN setup might help but keep in mind that basically MT will be the only “VLAN-configurable” device. There are no managed switches etc.
Any ideas on that?
PS. I’ve attached pretty acccurate (current) network diagram…
