on interface 1 I have the public
IP adress : x.x.102.38
gateway : x.x.102.1
From the terminal of the router I can ping to public internet, google etc… all OK.
then on interface 10 I have set a Routed Subnet of :
IP : x.x.101.48/28
so, the interface itself is set to : x.x.101.49
then I have connected my pc to this interface (10) via l2 switch. on the computer i have set:
IP : x.x.101.50
gate : x.x.101.49
from PC I can ping the mikrotik interface 10 (x.x.101.49 all OK.
I have set a default route in the Mikrotik like this : 0.0.0.0/0 (any) to x.x.102.1
in the routes table all shows reachable distance 1. so it’s perfect.
But I’m unable to get to internet from my pc.
I have tried pinging to x.x.102.1 no succes.
I have also tried to set the default route to an interface ( eth1 in my case the first interface where the provider sits) then is also route reachable all OK, but still unable to ping the internet.
what have I forgot ?
i hope somebody can help me out here.
It sounds like the ISP might have made a mistake in routing your /28 to you.
I assume that /ip firewall NAT and /ip firewall FILTER are both empty right now, since they didn’t appear in your /ip export.
If you have rules, make sure they’re not blocking anything, doing NAT, or some other effect that shouldn’t be happening.
(you could try disabling all rules while troubleshooting, and re-enabling them a few at a time if there are rules)
The default route should be the next hop IP as you originally had it, and not the interface - setting the default route to be gw=ether1 requires that the ISP router is answering proxy arp, and you will have an ARP entry in your Mikrotik for pretty much every public IP address you interact with… so the original configuration was the best.
Another test is to try to ping 8.8.8.8 from the CCR, but go to the advanced tab and set the source address = xx.xx.101.49
If that also fails, then almost certainly the ISP has not properly routed your subnet.
I dont have any firewall / nat / filter or rule. the only thing I did ont his device is configutre time / date
user pass, updated firmware and os. then I set the IP for 1st interface eth1, and to the 10th interface for ths routed subnet. then I have added a default rule 0.0.0.0/0 to eth1 / xx.xxx.102.1
Did you try the ping test?
Almost certainly it’s going to fail as well, because I can say the odds are pretty good the /28 isn’t properly routed to you.
Try to traceroute back to yourself with a web page that offers traceroutes and see if the packet ever gets as far as your 102.38 address.
You are right, the traceroute goes to another IP, I have sent an mail to the provider to recheck if it’s enabled for this IP too, but I think it’s not, and the IP on wich it comes out is already in use by another server of mine, so If the provider cannot change the settings on he’s side, I’ll need to retest in the night when I can take off the cable of another server )
now the routed subnet problem is solved, I can succesfully comunicate in and out on my pc.
I have connected also second device on port 9eth of the router and have bridged it with port 10. now they both have public IP 50 and 51, and all works fine.
)