I have a main router that connects to the ISP and also has few computers connected to it...
I connected Mikrotik Hap AC2 as an additional router to this one, using first port on the Mikrotik.
Main router has a subnet like 192.168.1.1
Mikrotik router has a subnet like 192.168.2.1
I noticed that ports/services like the web interface of the Mikrotik cannot be accessed by devices from the other / main subnet, unless I change the "eth1" interface list to "LAN" (from the default "WAN").
- Is that correct / normal ?
- What does that do ? Does it automatically change some firewall rules ?
- Also, with this configuration, it is correct to use mask 255.255.255.0 on main router under "network > lan" ? It doesn't need 255.255.0.0, correct ?
Not important: I also set static "routes" on main router telling devices on main router to find Mikrotik's subnet using Mikrotik's ip from main router.