I've recently bought MikroTik hAP ac2 as a replacement for my old home router. On my old router I had a specific setup I wanted to replicate on hAP ac2. I have one network provided by my ISP (192.168.1.0/24) with the Internet gateway on 192.168.1.100. I cannot change any configuration here, it's managed by my ISP. In my previous setup I had my old router connected
on 192.168.1.X - it acted as DMZ. My old router created another network (LAN), acting as a the Internet gateway through the upper (ISP's) network. To that LAN I had all my devices connected. Now, the thing is, both the networks had the same subnet (192.168.1.0/24), yet both were separated from each other - I couldn't access any device in ISP's network from my LAN, and no device from ISP's network could access devices connected to my LAN (apart from those with forwarded ports). Here's a diagram:
This setup was unusual, I must admit, but everything worked fine. I wasn't paying much attention to it. Now, I've decided to replace my old router with hAP ac2. How could I configure it to work as my previous router? Right now I have my LAN src-natted and the only setup that's working for me is with LAN network configured as different subnet than the ISP's network. I see the simplest way to solve this would be to just renumber the LAN (eg. 192.168.2.0/24), but this would require me to reconfigure most of my devices (many of them had static IP addresses). hAP ac2 is connected to ISP's network by ether1 interface, and all the other interfaces are bridged and form the LAN.
To sum up, the thing I want to achieve is to have two networks, both numbered as 192.168.1.0/24 but separated, so devices from my LAN couldn't access ISP's devices and vice-versa.
Best Regards
