Community discussions

 
JanJoh
newbie
Topic Author
Posts: 49
Joined: Tue Nov 26, 2013 10:14 pm

A bit of beginners help with CRS125-24G-1S-RM?

Thu Nov 28, 2013 11:55 am

Hello forum!
Long time nerd/networker, but first time MikroTik user here!

So, i bought a CRS125-24G-1S-RM given that it seemed to represent a very good value for money.
It does, however, scare the crap out of me from a feature perspective given then price.

Anyhow, I have got it pretty basic now. ether1-gateway to my fiber connection, and local access on the rest of the ports.
I have added some dstnat, set up uPnP/SNTP, found and modified a NO-IPscript and general housekeeping

Now, i need to get creative, and I cannot get the "Eureka!" moment to figure it out.


From my fiber i have one CAT5e to my patch closet. Now i need to hook up the providers Zyxel-box to get VoIP working.

So, i would need to set up a VLAN (i guess) to sort this out. I know i could definit a three port block for this, and then run one cable to the fiber, one to the zyxel, and one to ether1-gateway.

But, surely there must be a way to bridge ether1-gateway and another port and hook my zyxel there? Or some other cleverness.

Yes, the provider gives me several public IP's so that is covered

In the attached file, the "top half" is the function that I desire, and the "bottom half" is how I would like to wire it.
You do not have the required permissions to view the files attached to this post.
 
Rudios
Forum Veteran
Forum Veteran
Posts: 966
Joined: Mon Mar 11, 2013 12:58 pm
Location: The Netherlands

Re: A bit of beginners help with CRS125-24G-1S-RM?

Thu Nov 28, 2013 3:04 pm

You should create a bridge and add 2 ports. One coming from the ISP and the second one connected to the Zyxel.
Let your ISP give you an public IP on that bridge for internet.
Testing setup with: 2 x RB750UP | 2 x RB750GL | 1 x RB951G-2HnD | 1 x RB2011UiAS-IN
 
JanJoh
newbie
Topic Author
Posts: 49
Joined: Tue Nov 26, 2013 10:14 pm

Re: A bit of beginners help with CRS125-24G-1S-RM?

Thu Nov 28, 2013 3:48 pm

You should create a bridge and add 2 ports. One coming from the ISP and the second one connected to the Zyxel.
Let your ISP give you an public IP on that bridge for internet.
Yeah, but will "everything" work if I add ether1-gateway to a bridge? No issues with masquerading of current setup or so?
 
Rudios
Forum Veteran
Forum Veteran
Posts: 966
Joined: Mon Mar 11, 2013 12:58 pm
Location: The Netherlands

Re: A bit of beginners help with CRS125-24G-1S-RM?

Thu Nov 28, 2013 7:17 pm

Your config must be altered to make use of the bridge.
Public ip must move from ether to bridge and depending on your NAT rule, it must be changed.
Testing setup with: 2 x RB750UP | 2 x RB750GL | 1 x RB951G-2HnD | 1 x RB2011UiAS-IN
 
efaden
Forum Guru
Forum Guru
Posts: 1711
Joined: Sat Mar 30, 2013 1:55 am
Location: New York, USA

Re: A bit of beginners help with CRS125-24G-1S-RM?

Thu Nov 28, 2013 7:18 pm

Your config must be altered to make use of the bridge.
Public ip must move from ether to bridge and depending on your NAT rule, it must be changed.
+1... whenever you have an interface inside of a bridge you need to set ips, firewall rules, etc... to use the bridge instead of any of the interfaces contained within it.
 
scampbell
Trainer
Trainer
Posts: 457
Joined: Thu Jun 22, 2006 5:20 am
Location: Wellington, NZ
Contact:

Re: A bit of beginners help with CRS125-24G-1S-RM?

Thu Nov 28, 2013 8:09 pm

We distribute both Mikrotik and ZyXEL so hopefully we can help.

How is your Internet IP service delivered to you ? Has your provider given you a /29 subnet where First (or last) usable address is the Gateway you use ?

e.g 203.171.1.0/29

ISP GW 203.171.1.1
1st User host = 203.171.1.2,
2nd User host = 203.171.1.3
etc ?

If so then I would use Mikrotik ether1 as your WAN and assign a usable address to it such as 203.171.1.1/24 to it. Note some ISP's need a VLAN for Fibre so if you do simply add a vlan to ether1 and assign the WAN address to that.

Create a src-nat rule out-interface=ether1(or vlan) action=masquerade to NAT the hosts behind your Mikrotik.
crs_switchgroup.JPG
Modify ether2 and set it's master port = ether1. Now anything attached to ether2 is directly connected to the WAN in parallel to the Mikrotik as a switch.

Two things to note here.

1. You say you have a CRS125, so be sure no other ports are in the same switch group (see picture) as ether1 & 2 .

2. The reason we use a switch and not a bridge is ideally we want the traffic to not go through the Mikrotik CPU. If your Mikrotik did not have switch functionality (such as CCR1016 or CCR1036) you would have to use a bridge instead.


This should let your ZyXEL connect for VoIP and the Mikrotik will also have internet access without needing a separate switch.

Hope this helps.
You do not have the required permissions to view the files attached to this post.
 
JanJoh
newbie
Topic Author
Posts: 49
Joined: Tue Nov 26, 2013 10:14 pm

Re: A bit of beginners help with CRS125-24G-1S-RM?

Fri Nov 29, 2013 12:19 am

We distribute both Mikrotik and ZyXEL so hopefully we can help.

How is your Internet IP service delivered to you ? Has your provider given you a /29 subnet where First (or last) usable address is the Gateway you use ?
Nope, no proper subnet. You get up to five addresses via DHCP. They are just individual addresses.

Now, I have (sorta) realized how i define "virtual switches" so to speak.

Does this mean that I could just use ether1-gw and then set ether2 to have ether1 as master and hook the zyxel 2812 there?

then set ether[4-8] to have ether3 as master and connect my "local" equipment there?
 
scampbell
Trainer
Trainer
Posts: 457
Joined: Thu Jun 22, 2006 5:20 am
Location: Wellington, NZ
Contact:

Re: A bit of beginners help with CRS125-24G-1S-RM?

Fri Nov 29, 2013 2:25 am

That would work :-)
 
JanJoh
newbie
Topic Author
Posts: 49
Joined: Tue Nov 26, 2013 10:14 pm

Re: A bit of beginners help with CRS125-24G-1S-RM?

Thu Feb 20, 2014 11:02 am

Ok, rebooting this question as the installation did not really occur as I had expected.

The scenario is the same, but the zyxel ata-adapter is no longer connected to the Mikrotik. I have a switch elsewhere in the house to which the ATA is connected.

In the attached drawing I want to obtain a setup which gives me the functionality of the "dashed line". In other Words, i want the VOIP-adapter behind the zyxel switch (A Zyxel GS1900-8 but that should not really matter) to have a L2-connection to my internet provider.

Also, i want my "general local network" to be accessible on both switches?

So, how do i tackle this?
You do not have the required permissions to view the files attached to this post.

Who is online

Users browsing this forum: No registered users and 30 guests