I am trying to setup a little play lab so i can play around with the MT router extra ports.
I am trying to add extra DHCP servers on port 7 and 10 and i have removed them from the bridge.
The problem is that it is issuing IP's it can not access the internet or even ping anything.
This is the intention
And this is my script to setup my play lab
Code: Select all
/ip address
add interface=ether10 address=192.168.89.1/24
add interface=ether7 address=192.168.90.1/24
/ip pool
add name=poolether10 ranges=192.168.89.10-192.168.89.254
add name=poolether7 ranges=192.168.90.10-192.168.90.254
/ip dhcp-server
add disabled=no authoritative=yes bootp-support=none name=dhcpether10 interface=ether10 address-pool=poolether10
add disabled=no authoritative=yes bootp-support=none name=dhcpether7 interface=ether7 address-pool=poolether7
/ip dhcp-server network
add address=192.168.89.0/24 gateway=192.168.89.1
add address=192.168.99.0/24 gateway=192.168.99.1
/ip firewall connection tracking
set enabled=yes
/ip firewall filter
add chain=forward action=accept connection-state=established
add chain=forward action=accept connection-state=related
add chain=forward action=drop connection-state=invalid
add chain=forward action=drop out-interface=!WAN src-address=192.168.89.0/24 comment="Prevent inter-subnet communication"
add chain=forward action=drop out-interface=!WAN src-address=192.168.90.0/24 comment="Prevent inter-subnet communication"
/ip firewall nat
add chain=srcnat action=masquerade out-interface=WAN
Here is my export.
Code: Select all
# sep/20/2018 12:13:33 by RouterOS 6.43.1
# software id = VIY5-WIQN
#
# model = 2011UiAS-2HnD
# serial number = 7A6708626CDD
/interface bridge
add admin-mac=CC:2D:E0:2F:85:C3 auto-mac=no comment=defconf name=bridgeLocal
/interface wireless
# managed by CAPsMAN
set [ find default-name=wlan1 ] ssid=MikroTik
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.88.20-192.168.88.200
add name=poolether10 ranges=192.168.89.10-192.168.89.254
add name=poolether7 ranges=192.168.90.10-192.168.90.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridgeLocal name=dhcp1
add address-pool=poolether10 disabled=no interface=ether10 name=dhcpether10
add address-pool=poolether7 disabled=no interface=ether7 name=dhcpether7
/interface bridge port
add bridge=bridgeLocal comment=defconf interface=ether1
add bridge=bridgeLocal comment=defconf interface=ether2
add bridge=bridgeLocal comment=defconf interface=ether3
add bridge=bridgeLocal comment=defconf interface=ether4
add bridge=bridgeLocal comment=defconf interface=ether5
add bridge=bridgeLocal comment=defconf interface=ether6
add bridge=bridgeLocal comment=defconf interface=ether8
add bridge=bridgeLocal comment=defconf interface=ether9
add bridge=bridgeLocal comment=defconf interface=sfp1
/ip firewall connection tracking
set enabled=yes
/interface list member
add interface=wlan1 list=WAN
add interface=bridgeLocal list=LAN
/interface wireless cap
#
set bridge=bridgeLocal discovery-interfaces=bridgeLocal enabled=yes interfaces=wlan1
/ip address
add address=192.168.88.1/24 interface=ether1 network=192.168.88.0
add address=192.168.89.1/24 interface=ether10 network=192.168.89.0
add address=192.168.90.1/24 interface=ether7 network=192.168.90.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=bridgeLocal
add dhcp-options=hostname,clientid disabled=no interface=wlan1
/ip dhcp-server network
add address=192.168.88.0/24 gateway=192.168.88.1 netmask=24
add address=192.168.89.0/24 dns-server=1.1.1.1,1.0.0.1 domain=DOM89 gateway=192.168.89.1
add address=192.168.99.0/24 dns-server=1.1.1.1,1.0.0.1 domain=DOM99 gateway=192.168.99.1
/ip firewall filter
add action=accept chain=forward connection-state=established
add action=accept chain=forward connection-state=related
add action=drop chain=forward connection-state=invalid disabled=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
add action=masquerade chain=srcnat comment=ether5 out-interface=ether7
/system clock
set time-zone-name=Africa/Johannesburg
/system routerboard settings
set silent-boot=no