Community discussions

 
tomislav91
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 87
Joined: Fri May 26, 2017 12:47 pm

how to two subnet to communicate?

Thu Oct 12, 2017 4:17 pm

Hello, i have two routers in two different networks.
10.0.8.0/24 and 10.0.58.0/24
I want to manage that that two subnet see each other.
I added
ip firewall filter add action=accept chain=forward dst-address=10.0.58.0/24
and different in another router, but there is no connection between them. Where I wrong about?
 
Feklar
Forum Guru
Forum Guru
Posts: 1726
Joined: Tue Dec 01, 2009 11:46 pm

Re: how to two subnet to communicate?

Fri Oct 13, 2017 12:55 am

Are the two subnets attached to the same router? If not, how are the two routers connected? Directly or over some VPN? You will need to install the necessary routes with next hop addresses in each router as well, and how you do that depends on your answers.
 
tomislav91
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 87
Joined: Fri May 26, 2017 12:47 pm

Re: how to two subnet to communicate?

Fri Oct 13, 2017 9:52 am

no subnets are for the different routers, two routers and two subnets, each for router. These two routers are connected via vpn to the main router.
 
Feklar
Forum Guru
Forum Guru
Posts: 1726
Joined: Tue Dec 01, 2009 11:46 pm

Re: how to two subnet to communicate?

Fri Oct 13, 2017 6:12 pm

So in reality you have 3 routers, not just two. Do you want the two routers to communicate to each other over the main one?

Depending on the type of VPN you are using, L2TP, PPTP, EoIP, etc. the virtual interface should have an IP address assigned to it, an address and network IP if you look at your address list.

For the first routers routing table set 10.0.8.0/24 as reachable by the network address, this should be pointed to the core router.
For the core router, set 10.0.8.0/24 as reachable by the IP address assigned to your second router.
For the second router set 10.0.58.0/24 as reachable by the core router.
And in the core router set 10.0.58.0/24 as reachable by the first one.

You will need to make sure that the core router will allow forwarding between the tunnel interfaces in it's firewall.

If you are using pure IPSec, things get a bit more complex since there is no virtual interface created so you cannot make the routing changes needed through the routing table. Instead you need to use the IPSec policies on each router to control how traffic is sent, especially if you wanted them to communicate through the core router instead of directly.

You do this by specifying the src. address and dst. address in the policy, and you determine where traffic is sent by using the SA src. address and SA dst. address.
 
tomislav91
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 87
Joined: Fri May 26, 2017 12:47 pm

Re: how to two subnet to communicate?

Fri Oct 13, 2017 7:29 pm

I manage to succeed something. I add in routes of these two routers in destinatiom address whole subnet of second router amd gateway set to l2tp, which I with main router have access to them. Do in my main router i have l2tp connection over ipsec.

And now two routers can communicate and can see anything in the network but problem is that some pc in one network cant see pc in another.
 
Feklar
Forum Guru
Forum Guru
Posts: 1726
Joined: Tue Dec 01, 2009 11:46 pm

Re: how to two subnet to communicate?

Fri Oct 13, 2017 7:47 pm

Chances are it's the built in windows firewall preventing it.
 
tomislav91
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 87
Joined: Fri May 26, 2017 12:47 pm

Re: how to two subnet to communicate?

Fri Oct 13, 2017 11:25 pm

i have also linux machines and no ping as well..
 
User avatar
Cascuda
newbie
Posts: 30
Joined: Mon Jan 02, 2017 4:34 pm
Location: Spain
Contact:

Re: how to two subnet to communicate?

Sat Oct 28, 2017 12:23 am

A question. I have a conection IPSEC oK "I can to do ping to between the two network 172.16.0.0/24 --> 172.16.1.0/24 as 172.16.1.0/24 --> 172.16.0.0/24" but I can't connect via Winbox or Telnet to the router from the other network.
Explain. If I have it's IP 172.16.0.100 in my laptop and want go to Router 172.16.1.1 I can't connect... Can you help me ?
 
User avatar
matiaszon
Member
Member
Posts: 305
Joined: Mon Jul 09, 2012 9:26 am

Re: how to two subnet to communicate?

Sat Oct 28, 2017 2:36 am

I manage to succeed something. I add in routes of these two routers in destinatiom address whole subnet of second router amd gateway set to l2tp, which I with main router have access to them. Do in my main router i have l2tp connection over ipsec.

And now two routers can communicate and can see anything in the network but problem is that some pc in one network cant see pc in another.
Just to make clear, what is your type of network, please confirm if your network looks like THIS

1. Which of these routers are MikroTiks?
2. What are their private IPs?
3. Is router1 and router2 connected to router3 vai Internet?
4. Is router3 doing anything else, or is it just a VPN server for the others? Just asking if it's possible to eliminate it.
 
tomislav91
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 87
Joined: Fri May 26, 2017 12:47 pm

Re: how to two subnet to communicate?

Thu Nov 09, 2017 11:25 am

I manage to succeed something. I add in routes of these two routers in destinatiom address whole subnet of second router amd gateway set to l2tp, which I with main router have access to them. Do in my main router i have l2tp connection over ipsec.

And now two routers can communicate and can see anything in the network but problem is that some pc in one network cant see pc in another.
Just to make clear, what is your type of network, please confirm if your network looks like THIS

1. Which of these routers are MikroTiks?
2. What are their private IPs?
3. Is router1 and router2 connected to router3 vai Internet?
4. Is router3 doing anything else, or is it just a VPN server for the others? Just asking if it's possible to eliminate it.

yes it is my setup. One core router which provide via ppp tunneling to other routers.
So first subnet is 10.0.8.0/24, and second is 10.0.58.0/24.
When I put a route which is that accept all addresses via gateway l2tp, router can see all devices of other router, but device in one router dont see device in another.
I don't know why..
 
User avatar
Anumrak
Forum Guru
Forum Guru
Posts: 1051
Joined: Fri Jul 28, 2017 2:53 pm

Re: how to two subnet to communicate?

Thu Nov 09, 2017 1:20 pm

Do not just ping, do traceroute. This way we will know which router doesn't know the route to your destination.

Who is online

Users browsing this forum: No registered users and 35 guests