I have configered a CRS125-24G-1S-2HnD (CRS125) so I don't need the provider router (KPN)
The vlans 4 (IPTV) and 6 Internet are put into a bridge (bridge-local). Vlan 4 uses IGMP proxy and Vlan 6 uses PPPoE.
This configuration works correct, i have IPTV and Internet.
Lan : 192.168.10.0 / 24 : GW : 192.168.10.250
Wan : Glasvezel NTU.
DHCP Pool : 192.168.10.x - 192.168.y
Now i have also a wifi network connected to the CRS125 :
Ether4 port : Wifi network 1 : Velop Wifi Mesh (3 nodes) in bridge mode. No problems here. : Gateway : 192.168.10.250 (CRS125). Uses DHCP from CRS125, this network has some troubles so we want to replace this for Google Nest Wifi.
Ether3 port : Wifi network 2 : Google Nest Wifi + Wifi point, Wan connected to CRS125, Gateway : 192.168.86.1 and uses a own DHCP pool.
This device could not be put in bridge because i uses the Mesh function.
In this case we have a double NAT, and there for we have some trouble when we connect Iphones and Ipads, laptops don't have problems (why?).
To solve the double NAT :: (Info Google).
1) Set the router in bridge mode, this is not possible
2) Create a DMZ and forward al the ports to ether3
I have some questions :
1) How to create a working NAT firewall rule, and is this the way.
I tried some but somehow it didn't work,
2) Or do i need static routing.
3) The other thing the wifi network don't need to have IGMP trafic, so i need to rebuild the bridge.
I could build a bridge-wifi, and isolate the ether3 and ether4 there. But how can involve the vlan and PPPoEclient.
Like this :
Who can help me ? I have some knowledge of the graphic interface (winBox) and some netwerk knowledge but i'am a newbie on Mikrotik.