Community discussions

MikroTik App
 
xander21101979
just joined
Topic Author
Posts: 1
Joined: Wed Nov 14, 2018 5:08 pm

Interconnect two different network

Wed Nov 14, 2018 5:18 pm

Hi,
I need some suggestion to solve this issue: I have the main LAN network (10.5.17.0/24, with gateway 10.5.17.1) and a secondary network (192.168.88.0/24 with gateway 192.168.88.1).

I need that the host connected to 192.168.88.0/24 network can contact devices (printers) and server on network 10.5.17.0/24 but the internet connection must be direct (it have not pass throught 10.5.17.1)
.
The 192.168.88.0 network have following router RB2011UiAS-2HnD.

I tried to assign on eth10 the address 10.5.17.250 and I created the route tables but, most probably, I done some error because do not works.

Someone could help me to configure properly the router to solve this issue ?
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Interconnect two different network

Fri Nov 16, 2018 7:45 am

Just to be clear.
You have ONE router and behind that router you have two networks/LANs
(assume one is on a bridge and the other not, or each on a separate bridge, or both not a bridge.
(assume you have the latest firmware).

What you need to do is create an address list in ip firewall rules for all the devices on the 10. network/lan that need to be available.
address list = crossLANaccess - 10.5.17.xx (printer 1)
address list = crossLANaccess - 10.5.17.yy (printer 2)
address list = crossLANaccess - 10.5.17.zz (server 1)
etc..

Then in IP firewall rules in the forwarding chain create a LAN2 to LAN1 accept rule as follows:
/ip firewall
add action=accept chain=forward comment="LAN2 Access to LAN1 Devices"" \
dst-address-list=crossLANaccess in-interface=????????? src-address=192.168.88.0/24

Note1: I do not know what interface or interfaces LAN2 is resident on but that is what you put for in-interface (it could be an etherport or it could be a bridge for example).
Note2: Without knowledge of your firewall rules, its a bit of a guess whether this is the way to proceed.
Best to post your config.
 
User avatar
Steveocee
Forum Guru
Forum Guru
Posts: 1120
Joined: Tue Jul 21, 2015 10:09 pm
Location: UK
Contact:

Re: Interconnect two different network

Fri Nov 16, 2018 3:58 pm

If both networks are running from the one single RB2011 in the middle then you do not need to do anything to get them talking. Both networks are connected to a "router" so it will naturally route between them.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Interconnect two different network

Fri Nov 16, 2018 4:53 pm

Hi Steve, I took it more as he wanted his LAN2 to ONLY be able to access certain devices on LAN1, and after that just have access to the internet.
I further assumed he does not want anyone on LAN1 accessing LAN2 at all.
So, concur there is more info required to understand the scenario but I would add.
The op probably needs firewaall rules in the forward chain.

allow LAN1 to WAN
allow LAN2 to WAN
Allow LAN2 to specific LAN1 devices (as per the rule I constructed above.
Last rule - Drop all Else.

If I was to assume the OP works on an allow everything premise - vice my nothing is allowed unless explicitly stated then it would look like this:

Allow LAN2 to LAN1 (source address list)
Block LAN2 to LAN1 (rest not allowed)
Block LAN1 to LAN2 (if this is also what the OP intended)

My advice is for the OP to provide more clarity and to post their config!

Who is online

Users browsing this forum: Google [Bot] and 11 guests