PROBLEM:
1. PC1 and PC2 can go Internet but
can't ping each other
When I traceroute ping from PC1 to PC2. PC1 traffic goes to internet not thru PC2 gw 192.168.0.129
2. PC1 can't ping 192.168.0.1
PC2 can't ping 192.168.0.129
What's wrong with my steps
tq
INFO
WAN
# export
/queue simple
add max-limit=128k/128k name=128k target=ether2
add max-limit=256k/256k name=256k target=ether3
/ip address
add address=13.13.13.1/30 interface=ether2 network=13.13.13.0
add address=23.23.23.1/30 interface=ether3 network=23.23.23.0
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether1
/ip firewall nat
add action=masquerade chain=srcnat src-address=13.13.13.0/30
add action=masquerade chain=srcnat src-address=23.23.23.0/30
R1
# export
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool1 ranges=192.168.0.21-192.168.0.125
add name=dhcp_pool2 ranges=192.168.0.131-192.168.0.235
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=ether3 name=dhcp1
add address-pool=dhcp_pool2 disabled=no interface=ether4 name=dhcp2
/ip address
add address=13.13.13.2/30 interface=ether1 network=13.13.13.0
add address=23.23.23.2/30 interface=ether2 network=23.23.23.0
add address=192.168.0.1/25 interface=ether3 network=192.168.0.0
add address=192.168.0.129/25 interface=ether4 network=192.168.0.128
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.0.0/25 dns-server=8.8.8.8 gateway=192.168.0.1
add address=192.168.0.128/25 dns-server=8.8.8.8 gateway=192.168.0.129
/ip firewall mangle
add action=mark-routing chain=prerouting in-interface=ether3 new-routing-mark=ISP1
add action=mark-routing chain=prerouting in-interface=ether4 new-routing-mark=ISP2
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
add action=masquerade chain=srcnat out-interface=ether2
/ip route
add check-gateway=ping distance=11 gateway=13.13.13.1 routing-mark=ISP1
add check-gateway=ping distance=12 gateway=23.23.23.1 routing-mark=ISP1
add check-gateway=ping distance=11 gateway=23.23.23.1 routing-mark=ISP2
add check-gateway=ping distance=12 gateway=13.13.13.1 routing-mark=ISP2
add distance=11 gateway=13.13.13.1
add distance=11 gateway=23.23.23.1
/system identity
set name=R1
PC1
# export
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether3
/system identity
set name=PC1
PC2
# export
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether3
/system identity
set name=PC2
Can't ping between LAN subnet
You do not have the required permissions to view the files attached to this post.
Re: Can't ping between LAN subnet
Your policy-based routing is the reason.PROBLEM:
1. PC1 and PC2 can go Internet but
can't ping each other
When I traceroute ping from PC1 to PC2. PC1 traffic goes to internet not thru PC2 gw 192.168.0.129
2. PC1 can't ping 192.168.0.1
PC2 can't ping 192.168.0.129
What's wrong with my steps
tq
Exempt the LAN ranges from policy routing with route rules:
/ip route rule
add action=lookup-only-in-table dst-address=192.168.0.0/24 table=main
(since your two LANs fall into this one /24 prefix, one rule is enough, but if you have LANs that are not part of the same CIDR block like this, just add one rule for each LAN network address in your system)
Re: Can't ping between LAN subnet
Thanks... Solved my problem too..
Re: Can't ping between LAN subnet
Thanks a lot. It worked for me too. I couldn't ping local addresses after applying mangle rules on two different VLAN for a dual WAN setup.