/ip route add
dst-address=10.10.10.0/24 gateway=192.168.83.x
1 ADC 10.10.10.0/24 10.10.10.254 wlan2 0
XS2.ar2316.v4.0.4974.110823.1727# ping 10.10.10.7
PING 10.10.10.7 (10.10.10.7): 56 data bytes
64 bytes from 10.10.10.7: icmp_seq=1 ttl=63 time=3.9 ms
64 bytes from 10.10.10.7: icmp_seq=2 ttl=63 time=2.9 ms
64 bytes from 10.10.10.7: icmp_seq=3 ttl=63 time=3.4 ms
64 bytes from 10.10.10.7: icmp_seq=4 ttl=63 time=3.0 ms
64 bytes from 10.10.10.7: icmp_seq=5 ttl=63 time=3.4 ms
64 bytes from 10.10.10.7: icmp_seq=6 ttl=63 time=3.5 ms
4 A S 192.168.83.0/24 10.10.10.254 1
root@(none):~# ping 192.168.83.2
PING 192.168.83.2 (192.168.83.2): 56 data bytes
64 bytes from 192.168.83.2: seq=0 ttl=63 time=3.688 ms
64 bytes from 192.168.83.2: seq=1 ttl=63 time=2.813 ms
64 bytes from 192.168.83.2: seq=2 ttl=63 time=5.478 ms
64 bytes from 192.168.83.2: seq=3 ttl=63 time=2.770 ms
^C
--- 192.168.83.2 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 2.770/3.687/5.478 ms
>tracert 192.168.83.2
Tracing route to 192.168.83.2 over a maximum of 30 hops
1 1 ms <1 ms <1 ms 10.10.10.1
2 2 ms 1 ms 1 ms 10.10.10.254
3 3 ms 6 ms 3 ms 192.168.83.2
XS2.ar2316.v4.0.4974.110823.1727# traceroute 10.10.10.7
traceroute to 10.10.10.7 (10.10.10.7), 30 hops max, 40 byte packets
1 192.168.83.1 (192.168.83.1) 2.22 ms 1.809 ms 1.695 ms
2 10.10.10.7 (10.10.10.7) 3.973 ms 4.13 ms 3.735 ms
XS2.ar2316.v4.0.4974.110823.1727# ping 10.10.10.7
PING 10.10.10.7 (10.10.10.7): 56 data bytes
64 bytes from 10.10.10.7: icmp_seq=2 ttl=63 time=2.9 ms
64 bytes from 10.10.10.7: icmp_seq=3 ttl=63 time=2.8 ms
64 bytes from 10.10.10.7: icmp_seq=4 ttl=63 time=2.8 ms
64 bytes from 10.10.10.7: icmp_seq=5 ttl=63 time=3.0 ms
--- 10.10.10.7 ping statistics ---
6 packets transmitted, 4 packets received, 33% packet loss
round-trip min/avg/max = 2.8/2.8/3.0 ms
No internal rules on any of routers. Just simple NAT on incoming traffic from both WANs.Are you running any firewall rules on your routers that are preventing inter lan communications.
[admin@station1] > /interface wireless monitor wlan2
status: connected-to-ess
channel: 2422/20/g
wireless-protocol: 802.11
tx-rate: 54Mbps
rx-rate: 36Mbps
ssid: MikroTikSSID
bssid: 6C:3B:6B:3D:D1:CC
radio-name: 6C3B6B3DD1CC
signal-strength: -80dBm
signal-strength-ch0: -80dBm
tx-signal-strength: -59dBm
tx-signal-strength-ch0: -59dBm
tx-signal-strength-ch1: -98dBm
noise-floor: -93dBm
signal-to-noise: 13dB
tx-ccq: 87%
rx-ccq: 68%
p-throughput: 29355
overall-tx-ccq: 87%
authenticated-clients: 1
current-distance: 1
wds-link: no
bridge: no
nstreme: no
framing-mode: none
routeros-version: 6.38.3
last-ip: 10.10.10.1
802.1x-port-enabled: yes
authentication-type: wpa2-psk
encryption: aes-ccm
group-encryption: aes-ccm
management-protection: no
sent=1148 received=1148 packet-loss=0% min-rtt=0ms avg-rtt=2ms max-rtt=115ms
[admin@RB750Gr3 > /ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
1 ;;; Maskarada WAN
chain=srcnat action=masquerade out-interface=lte1 log=no log-prefix=""
2 ;;; QNAP WWW server
chain=dstnat action=dst-nat to-addresses=10.10.10.6 to-ports=80 protocol=tcp in-interface=lte1 dst-port=80 log=no log-prefix=""
3 ;;; QNAP Asterisk
chain=dstnat action=dst-nat to-addresses=10.10.10.6 to-ports=5060 protocol=udp in-interface=lte1 dst-port=5060 log=no log-prefix=""
4 chain=dstnat action=dst-nat to-addresses=10.10.10.6 to-ports=5060 protocol=tcp in-interface=lte1 dst-port=5060 log=no log-prefix=""
5 ;;; futro OSCam
chain=dstnat action=dst-nat to-addresses=10.10.10.5 to-ports=2502 protocol=tcp in-interface=lte1 dst-port=2502 log=no log-prefix=""
6 ;;; Vu+ Duo2 web interface
chain=dstnat action=dst-nat to-addresses=10.10.10.7 to-ports=80 protocol=tcp in-interface=lte1 dst-port=50180 log=no log-prefix=""
[admin@RB433] > /ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; Masquarade WAN
chain=srcnat action=masquerade out-interface=PPPoE log=no log-prefix=""
1 ;;; Masquarade wlan2
chain=srcnat action=masquerade out-interface=wlan2 log=no log-prefix=""
2 ;;; Modem access
chain=srcnat action=src-nat to-addresses=192.168.1.254 dst-address=192.168.1.1 out-interface=ether1 log=no
log-prefix=""
3 ;;; stb web interface
chain=dstnat action=dst-nat to-addresses=192.168.83.10 to-ports=80 protocol=tcp in-interface=PPPoE
dst-port=50180 log=no log-prefix=""
# feb/28/2017 13:33:13 by RouterOS 6.38.3
# software id = R2DT-MMRW
#
/interface bridge
add admin-mac=6C:3B:6B:3D:D1:CB auto-mac=no name=bridge-LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa-psk,wpa2-psk eap-methods="" \
management-protection=allowed mode=dynamic-keys name="WPA WPA2" \
supplicant-identity="" wpa-pre-shared-key=b3nt0nit wpa2-pre-shared-key=\
b3nt0nit
/interface wireless
# managed by CAPsMAN
# channel: 2422/20-Ce/gn(0dBm), SSID: kaczkowo-dach, CAPsMAN forwarding
set [ find default-name=wlan1 ] antenna-gain=20 band=2ghz-g/n channel-width=\
20/40mhz-Ce country=poland frequency=auto mode=ap-bridge rx-chains=0,1 \
security-profile="WPA WPA2" ssid=kaczkowo-dach tx-chains=0,1 wps-mode=\
disabled
/interface wireless nstreme
# managed by CAPsMAN
# channel: 2422/20-Ce/gn(0dBm), SSID: kaczkowo-dach, CAPsMAN forwarding
set wlan1 enable-polling=no
/interface bridge port
add bridge=bridge-LAN interface=ether1
/interface wireless cap
#
set bridge=bridge-LAN caps-man-addresses=10.10.10.1 certificate=request \
discovery-interfaces=bridge-LAN enabled=yes interfaces=wlan1 \
lock-to-caps-man=yes
/ip dhcp-client
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no \
interface=bridge-LAN
/system clock
set time-zone-name=Europe/Warsaw
/system identity
set name=dach-AP
/system leds
set 0 interface=wlan1
/system ntp client
set enabled=yes primary-ntp=10.10.10.1 secondary-ntp=80.50.231.226
/system routerboard settings
set init-delay=0s
add distance=1 dst-address=192.168.83.0/24 gateway=10.10.10.254
add action=accept chain=forward comment="LAN Traffic" dst-address=10.10.10.0/24 src-address=192.168.83.0/24
add action=accept chain=forward comment="LAN Traffic" dst-address=192.168.83.0/24 src-address=10.10.10.0/24
This is what I already have since few postsOk I hope i have it now. you have RB750GR3 LAN A------ RB912 AP WLAN1 ----- RB433 WLAN2 STATION ------ RB433 LAN B
From my understanding and if I am wrong correct me. RB750 GR3 10.10.10.1 connects to RB912 and gives out dhcp. WLAN 2 on RB433 connects as a station to RB912.
If so instead of havind dhcp address on RB433 interface wlan2 I would configure a static ip on the 10.10.10.0/24. I would then exclude this from the DHCP on rb750. Lets say 10.10.10.254/24 I would then create ip route on RB750 GR3Code: Select alladd distance=1 dst-address=192.168.83.0/24 gateway=10.10.10.254
And it seems, this is what I was missing!depending on your firewall rules you may need to add to each router at the top of your forward rules. this would allow forward traffic between the 2 lans.Code: Select alladd action=accept chain=forward comment="LAN Traffic" dst-address=10.10.10.0/24 src-address=192.168.83.0/24 add action=accept chain=forward comment="LAN Traffic" dst-address=192.168.83.0/24 src-address=10.10.10.0/24
chain=srcnat action=masquerade log=no log-prefix=""