I have two LAN interface with different ips.

LAN 1 = 11.1.1.1/24
LAN 2 = 192.168.2.1/24

I have a sharing server on LAN 1 with IP 11.1.1.5

& i want to access my sharing pc ip 11.1.1.5 from LAN 2 Network with ip 192.168.2.1/24

Please Guide.

This is normal IP routing. As long as you have default gateways on your computers pointing to the router this should work.

Can you post the output of:

/ip address print
/ip route print
/ip firewall filter print
/ip firewall nat print

This is normal IP routing. As long as you have default gateways on your computers pointing to the router this should work.

Can you post the output of:

/ip address print
/ip route print
/ip firewall filter print
/ip firewall nat print

[admin@admin] /ip address> print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 11.1.1.1/24 11.1.1.0 11.1.1.255 Lan
1 10.1.1.4/24 10.1.1.0 10.1.1.255 Wan
2 111.1.1.1/24 111.1.1.0 111.1.1.255 Wifi
________________________________________________________

[admin@admin] /ip route> print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC G GATEWAY DISTANCE IN..
0 A S 0.0.0.0/0 r 10.1.1.1 1 Wan
1 ADC 10.1.1.0/24 10.1.1.4 0 Wan
2 ADC 11.1.1.0/24 11.1.1.1 0 Lan
3 ADC 111.1.1.0/24 111.1.1.1 0 Wifi
__________________________________________________________


[admin@admin] /ip firewall filter> print
Flags: X - disabled, I - invalid, D - dynamic

1 chain=input action=drop protocol=icmp src-address=11.1.1.0/24
icmp-options=8:0-255

2 ;;; allow established connections
chain=forward action=accept connection-state=established

3 ;;; allow related connections
chain=forward action=accept connection-state=related

4 chain=forward action=drop connection-state=invalid
______________________________________________________________

[admin@admin] /ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=dstnat action=redirect to-ports=8080 protocol=tcp dst-port=80

1 chain=srcnat action=masquerade out-interface=Lan

2 chain=srcnat action=masquerade src-address=11.1.1.0/24

3 chain=srcnat action=masquerade out-interface=Wifi

4 chain=srcnat action=masquerade src-address=111.1.1.0/24
_____________________________________________________________

How does 192.168.2.1/24 connect to all that?

Also, using 111.1.1.1/24 and 11.1.1.1/24 is an extremely bad idea. Those are public IPs that are guaranteed to not belong to you. Use RFC1918 space instead.

i just changed Ip Address from 192.168.2.1/24 to 111.1.1.1/24.


i want to access 11.1.1.5 (Lan 1) from 111.1.1.0/24 (lan2)

how this will possible????

i have problem nearly same like this, but my problem is , there is 2 IP on 1 Ethernet port 192.168.12.0/24 for static IP and 192.168.15.0/24 for Dynamic IP

the problem is i can't remote desktop to server on ip 192.168.12.xx from 192.168.15.xx

# ADDRESS NETWORK BROADCAST INTERFACE
0 192.168.12.xxx/24 192.168.12.0 192.168.12.255 etherLocal
1 192.168.11.x/28 192.168.11.0 192.168.11.15 etherDMZ
2 2xx.xxx.xxx.xxx 2xx.xxx.xxx.xxx etherInternet
3 1xx.xxx.xxx.xxx/24 10.0.0.0 10.0.0.255 etherInternet
4 192.168.10.x/24 192.168.10.0 192.168.10.255 etherProxy
5 192.168.15.x/24 192.168.15.0 192.168.15.255 etherLocal

Route
------

# DST-ADDRESS PREF-SRC G GATEWAY DISTANCE INT
0 A S 0.0.0.0/0 r 2xx.xxx.xxx.xxx 1 eth
1 A S 0.0.0.0/0 r 1xx.xxx.xxx.xxx 1 eth
2 ADC 1xx.xxx.xxx.xxx/xx 1xx.xxx.xxx.xxx 0 eth
3 ADC 192.168.10.0/24 192.168.10.1 0 eth
4 ADC 192.168.11.0/28 192.168.11.6 0 eth
5 ADC 192.168.12.0/24 192.168.12.xxx 0 eth
6 ADC 192.168.15.0/24 192.168.15.2 0 eth
7 ADC 2xx.xxx.xxx.xxx/xx 2xx.xxx.xxx.xxx 0 eth


FILTER
-------
0 ;;; Drop Invalid Connections
chain=input action=drop connection-state=invalid

1 ;;; Deny access to Mikrotik from public network
chain=input action=drop protocol=tcp in-interface=etherInternet
dst-port=8291

2 chain=input action=drop protocol=tcp in-interface=etherInternet
dst-port=8080

3 chain=forward action=drop protocol=tcp in-interface=etherInternet
dst-port=8080

4 chain=input action=drop protocol=udp in-interface=etherInternet
dst-port=5678

5 chain=output action=drop protocol=udp dst-port=5678

6 chain=forward action=drop protocol=tcp in-interface=etherInternet
dst-port=8291

7 ;;; Viruses
chain=forward action=drop protocol=udp src-port=130-140

8 chain=forward action=drop protocol=tcp src-port=130-140

9 chain=forward action=drop protocol=tcp dst-port=130-140

10 chain=forward action=drop protocol=udp dst-port=130-140

11 chain=forward action=drop protocol=udp src-port=950-955

12 chain=forward action=drop protocol=tcp src-port=950-955

13 chain=forward action=drop protocol=udp dst-port=950-955

14 chain=forward action=drop protocol=tcp dst-port=950-955

15 chain=forward action=drop protocol=udp src-port=67-68

16 chain=forward action=drop protocol=tcp src-port=67-68

17 chain=forward action=drop protocol=udp dst-port=67-68


NAT
----
0 ;;; MASQUREADE INTERNET
chain=srcnat action=masquerade out-interface=etherInternet

1 ;;; Redirect HTTP Traffic to PROXY
chain=dstnat action=dst-nat to-addresses=192.168.10.100 to-ports=9999
protocol=tcp src-address=192.168.12.0/24 dst-address-list=!ournetwork
in-interface=etherLocal dst-port=80

2 ;;; Redirect HTTP Traffic to PROXY (For DHCP)
chain=dstnat action=dst-nat to-addresses=192.168.10.100 to-ports=9999
protocol=tcp src-address=192.168.15.0/28 dst-address-list=!ournetwork
in-interface=etherLocal dst-port=80

3 ;;; Redirect HTTP or Free Proxies to Internal Web Proxy
chain=dstnat action=dst-nat to-addresses=192.168.10.100 to-ports=9999
protocol=tcp src-address=192.168.12.0/24 dst-address-list=!ournetwork
in-interface=etherLocal dst-port=3128

4 chain=dstnat action=dst-nat to-addresses=192.168.10.100 to-ports=9999
protocol=tcp src-address=192.168.12.0/24 dst-address-list=!ournetwork
in-interface=etherLocal dst-port=8080

5 chain=dstnat action=dst-nat to-addresses=192.168.10.100 to-ports=9999
protocol=tcp src-address=192.168.12.0/24 dst-address-list=!ournetwork
in-interface=etherLocal dst-port=5080

6 chain=dstnat action=dst-nat to-addresses=192.168.10.100 to-ports=9999
protocol=tcp src-address=192.168.12.0/24 dst-address-list=!ournetwork
in-interface=etherLocal dst-port=8081

7 X ;;; Redirect DNS
chain=dstnat action=dst-nat to-addresses=192.168.12.2xx to-ports=53
protocol=udp dst-port=53

8 ;;; Allow Webserver for xxxxxxxxxxxxxxxxxxxxxxxxxxx
chain=dstnat action=dst-nat to-addresses=192.168.11.4 to-ports=80
protocol=tcp dst-address=2xx.xxx.xxx.xxx dst-port=80

9 chain=srcnat action=src-nat to-addresses=192.168.12.2xx
to-ports=1024-65535 protocol=tcp dst-address=192.168.11.4 dst-port=80

10 ;;; LDAP Forwarder
chain=dstnat action=dst-nat to-addresses=192.168.12.2xx to-ports=389
protocol=tcp dst-address=2xx.xxx.xxx.xxx dst-port=389

11 chain=srcnat action=src-nat to-addresses=192.168.12.2xx
to-ports=1024-65535 protocol=tcp dst-address=192.168.12.2xx
dst-port=389

12 ;;; NAT rule for Openfire
chain=dstnat action=dst-nat to-addresses=192.168.11.4 to-ports=5222
protocol=tcp dst-address=2xx.xxx.xxx.xxx dst-port=5222

13 chain=srcnat action=src-nat to-addresses=192.168.11.6 protocol=tcp
dst-address=192.168.11.4 dst-port=5222

14 ;;; Allow Openfire remote admin@xxxxxxxxxxxxxxxxxxxxxxxxxxx:9090
chain=dstnat action=dst-nat to-addresses=192.168.11.4 to-ports=9090
protocol=tcp dst-address=2xx.xxx.xxx.xxx dst-port=9090

15 chain=srcnat action=src-nat to-addresses=192.168.11.6
to-ports=1024-65535 protocol=tcp dst-address=192.168.11.4
dst-port=9090

16 X ;;; Allow Remote for Asterisk
chain=dstnat action=dst-nat to-addresses=192.168.12.110 to-ports=5060
protocol=udp dst-address=2xx.xxx.xxx.xxx dst-port=5060

17 X chain=srcnat action=src-nat to-addresses=192.168.12.2xx
to-ports=1024-65535 protocol=udp dst-address=192.168.12.110
dst-port=5060

18 X chain=dstnat action=dst-nat to-addresses=192.168.12.110 to-ports=4569
protocol=udp dst-address=2xx.xxx.xxx.xxx dst-port=4569

19 X chain=srcnat action=src-nat to-addresses=192.168.12.2xx
to-ports=1024-65535 protocol=udp dst-address=192.168.12.110
dst-port=4569

20 X chain=dstnat action=dst-nat to-addresses=192.168.12.110 to-ports=10001
protocol=udp dst-address=2xx.xxx.xxx.xxx dst-port=10001

21 X chain=srcnat action=src-nat to-addresses=192.168.12.2xx
to-ports=1024-65535 protocol=udp dst-address=192.168.12.110
dst-port=10001

22 ;;; Transfer file rule for Openfire
chain=dstnat action=dst-nat to-addresses=192.168.11.4 to-ports=7777
protocol=tcp dst-address=2xx.xxx.xxx.xxx dst-port=7777

23 chain=srcnat action=src-nat to-addresses=192.168.11.6 protocol=tcp
dst-address=192.168.11.4 dst-port=7777

24 ;;; Allow FTP@xxxxxxxxxxxxxxxxxxxxxxxxxxx:21
chain=dstnat action=dst-nat to-addresses=192.168.11.4 to-ports=21
protocol=tcp dst-address=2xx.xxx.xxx.xxx dst-port=21

25 chain=srcnat action=src-nat to-addresses=192.168.11.6
to-ports=1024-65535 protocol=tcp dst-address=192.168.11.4 dst-port=21

26 ;;; Allow RDP@xxxxxxxxxxxxxxxxxxxxxxxxxxx:3389
chain=dstnat action=dst-nat to-addresses=192.168.12.100 to-ports=3389
protocol=tcp dst-address=2xx.xxx.xxx.xxx dst-port=3389

27 chain=srcnat action=src-nat to-addresses=2xx.xxx.xxx.xxx
to-ports=1024-65535 protocol=tcp dst-address=192.168.12.100
dst-port=3389

28 ;;; Allow NOD32Update@xxxxxxxxxxxxxxxxxxxxxxxxxxx:6969
chain=dstnat action=dst-nat to-addresses=192.168.12.100 to-ports=80
protocol=tcp dst-address=2xx.xxx.xxx.xxx dst-port=6969

29 chain=srcnat action=src-nat to-addresses=2xx.xxx.xxx.xxx
to-ports=1024-65535 protocol=tcp dst-address=192.168.12.100
dst-port=80

30 ;;; Allow CCTV Server
chain=dstnat action=dst-nat to-addresses=192.168.12.243 to-ports=7000
protocol=tcp dst-address=2xx.xxx.xxx.xxx dst-port=7000

31 chain=srcnat action=src-nat to-addresses=192.168.12.2xx
to-ports=1024-65535 protocol=tcp dst-address=192.168.12.243
dst-port=7000

32 ;;; Allow MRTG@xxxxxxxxxxxxxxxxxxxxxxxxxxx:6969
chain=dstnat action=dst-nat to-addresses=192.168.10.100 to-ports=80
protocol=tcp dst-address=2xx.xxx.xxx.xxx dst-port=6869

33 chain=srcnat action=src-nat to-addresses=2xx.xxx.xxx.xxx
to-ports=1024-65535 protocol=tcp dst-address=192.168.10.100
dst-port=80

34 X ;;; Redirect Mikrotik admin page to xxxxxxxxxxxxxxxxxxxxxxxxxxx
chain=dstnat action=dst-nat to-addresses=192.168.11.4 to-ports=80
protocol=tcp dst-address=192.168.12.2xx dst-port=80

35 X chain=srcnat action=src-nat to-addresses=192.168.11.6
to-ports=1024-65535 protocol=tcp dst-address=192.168.11.4 dst-port=80

36 X ;;; NAT Rule for Application Server
chain=srcnat action=src-nat to-addresses=2xx.xxx.xxx.xxx
src-address=192.168.11.0/24 out-interface=ether5

37 X ;;; NAT Rule for SQUID Server
chain=srcnat action=src-nat to-addresses=2xx.xxx.xxx.xxx
src-address=192.168.11.5 out-interface=ether5

38 X ;;; Allow FTP for Application Server
chain=dstnat action=dst-nat to-addresses=2xx.xxx.xxx.xxx to-ports=995
protocol=tcp dst-address=1xx.xxx.xxx.xxx dst-port=995

39 X chain=srcnat action=src-nat to-addresses=2xx.xxx.xxx.xxx
to-ports=1024-65535 protocol=tcp dst-address=2xx.xxx.xxx.xxx
dst-port=995

40 chain=dstnat action=dst-nat to-addresses=2xx.xxx.xxx.xxx to-ports=7777
protocol=tcp dst-address=192.168.12.2xx dst-port=3389

is something wrong with my configuration ????

i just changed Ip Address from 192.168.2.1/24 to 111.1.1.1/24.


i want to access 11.1.1.5 (Lan 1) from 111.1.1.0/24 (lan2)

how this will possible????

Waiting for Experts` Advice.

There is nothing on your router that would prevent that.

LAN 1 = 11.1.1.1/24
LAN 2 = 111.1.1.1/24

I have a sharing server on LAN 1 with IP 11.1.1.5

& i want to access my sharing pc ip 11.1.1.5 from LAN 2 Network with ip 111.1.1.1/24

I think it is possible by routing. if clear is there a solution for this or not?

Again, there is nothing in the configuration you shared that would prevent that from already working.

Do you have default gateways on the computers on the two networks? Are they set correctly?

Yes, On Both Interfaces Internet Is Working Perfectly.

Both have there own gateways like
11.1.1.1 Lan 1
111.1.1.1 Lan 2


Lan 2 users can access lan 1 ip for sharing but in very dead speed like 2 or 3 Kb/s

i want to provide proper speed to lan 2 as lan 1 consume.

Experts Please Provide Solution For This.

There is nothing on your router that would prevent that.

You Mean Mine?

This is normal IP routing. As long as you have default gateways on your computers pointing to the router this should work.

Can you post the output of:

/ip address print
/ip route print
/ip firewall filter print
/ip firewall nat print

Whats that "normal IP routing??"


Experts???

Just IP routing. Standard routing. IP routing like it would function under normal circumstances.

Did I read your post above that right, and has it been working all along but is just working slowly?
That's a huge difference to when you originally posted. You indicated it wasn't working at all.

sorry for not mentioned clearly.

is there any solution,

that LAN 2 (111.1.1.0)
users can equally enjoying speed of 11.1.1.5

as Lan 1 (11.1.1.0/24) users having.???


Please provide solution asap.

Draw a network diagram including link types and post any queues you have set up

please check the attached picture.

0 name="12" target-addresses=11.1.1.12/32 dst-address=0.0.0.0/0
interface=all parent=none direction=both priority=8
queue=Upload/Download D limit-at=0/0 max-limit=0/0 burst-limit=0/0
burst-threshold=0/0 burst-time=0s/0s total-queue=default-small

1 name="17" target-addresses=11.1.1.17/32 dst-address=0.0.0.0/0
interface=all parent=none direction=both priority=8
queue=Upload/Download B limit-at=0/0 max-limit=0/0 burst-limit=0/0
burst-threshold=0/0 burst-time=0s/0s total-queue=default-small

2 name="W241" target-addresses=111.1.1.241/32 dst-address=0.0.0.0/0
interface=all parent=none direction=both priority=8
queue=Upload/Download B limit-at=0/0 max-limit=0/0 burst-limit=0/0
burst-threshold=0/0 burst-time=0s/0s total-queue=default-small

3 name="W239" target-addresses=111.1.1.239/32 dst-address=0.0.0.0/0
interface=all parent=none direction=both priority=8
queue=Upload/Download B limit-at=0/0 max-limit=0/0 burst-limit=0/0
burst-threshold=0/0 burst-time=0s/0s total-queue=default-small

4 name="W238" target-addresses=111.1.1.238/32 dst-address=0.0.0.0/0
interface=all parent=none direction=both priority=8
queue=Upload/Download B limit-at=0/0 max-limit=0/0 burst-limit=0/0
burst-threshold=0/0 burst-time=0s/0s total-queue=default-small

5 name="W237" target-addresses=111.1.1.237/32 dst-address=0.0.0.0/0
interface=all parent=none direction=both priority=8
queue=Upload/Download B limit-at=0/0 max-limit=0/0 burst-limit=0/0
burst-threshold=0/0 burst-time=0s/0s total-queue=default-small

When you are testing throughput, are you testing from one of those IPs?

Yes. For Testing, I set 1mbps on every ip on Lan 2.

But Lan 2 users can get only 10 t0 15 kb/s from Lan 1 Sharing pc.


i need to configure that like Lan2 users can have unlimited speed from Lan 1 sharing pc and have a limit on internet speed.


please provide the solution as soon as possible.

thanks

Disable all queues. Is it fast now?

Yes

quite better now. let me check more.

Fewi thanks alot.