Community discussions

MikroTik App
  4. RouterOS
  5. General

Join two houses to one LAN (VPN?)  [SOLVED]

Post Reply
 
dorwin
just joined
Topic Author
Posts: 7
Joined: Thu Dec 24, 2015 1:29 pm

Join two houses to one LAN (VPN?)

Tue Mar 19, 2019 3:57 pm

Hello,

I have two houses where I have FTTH (the same provider). Behind the AP I have Mikrotik RouterBoard RB750Gr3 hEX. On both houses I have also public static IP and all incomming connections is forwarded to Mikrotik.

How can I securely join those two LANs?

house1: 192.168.130.0
house2: 192.168.131.0

and to have two DHCP servers, two DNS, but I can see devices between networks?
Of course, connection to internet (outside LAN) will be through particular AP.

for example I need to access NAS in House1 locally from House2
And connection between those two houses should be permanent.

Or it is better to join them into one network 192.168.130.0 and to have two DHCP servers, where first will have rande 0-128 and the second 129-255? and they will share local DNS addresses?
I want it functional also in case, that one of mikrotik is off, then it doesn´t affect second mikrotik with it's LAN

for better explanation here is the image (IP address are fictional :) )
Clipboard01.jpg
I am beginner and would like to know, where to start
thank you
You do not have the required permissions to view the files attached to this post.
Top
 
User avatar
macgaiver
Forum Guru
Forum Guru
Posts: 1764
Joined: Wed May 18, 2005 5:57 pm
Location: Sol III, Sol system, Sector 001, Alpha Quadrant

Re: Join two houses to one LAN (VPN?)  [SOLVED]

Tue Mar 19, 2019 5:00 pm

Setup is unclear
what do you mean "all incomming connections is forwarded to Mikrotik" ???
Do you have public IPs on the mikrotiks themselves, if yes setup is easy


1) change local DHCPs to the same network, make sure that pools on one house uses different range than other house.
for example:
house one: Routers IP 192.168.130.1/24
DHCP pool 192.168.130.2- 192.168.130.100
House two Routers IP 192.168.130.254/24
DHCP pool 192.168.130.101- 192.168.130.200

2) create EOIP tunnel between both mikrotiks and add it to local bridge on both sides:
https://wiki.mikrotik.com/wiki/Manual:I ... p_examples
If you are paranoid, you can check "use ipsec" and specify secret on both sides.

3) there will be some DHCP war going on afterwards
there you can ether
a) choose one and add delay to other one so it acts like backup
b) have two complete sets of static leases, and check "block access" to set that shouldn't be using this server
c) have some rules in bridge filter that forbids DHCP traffic over EOIP
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19363
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: Join two houses to one LAN (VPN?)

Tue Mar 19, 2019 6:56 pm

Concur, thought about doing this with my brother who lives in Europe. (EOIP tunnel)
Use dedicated ports if necessary at either end for the network (for example if its for access to an NAS for example) or to physically control what is accessible.
The idea being that he has a EOIP port live at his house. He can plug his computer into that port and then be on a LAN that is running from my house.
Top
 
dorwin
just joined
Topic Author
Posts: 7
Joined: Thu Dec 24, 2015 1:29 pm

Re: Join two houses to one LAN (VPN?)

Wed Mar 20, 2019 8:25 am

Setup is unclear
what do you mean "all incomming connections is forwarded to Mikrotik" ???
Do you have public IPs on the mikrotiks themselves, if yes setup is easy

Thank you! I will try this solution, it seems to be clear. My mikrotiks has no public IPs but from AP's is forwarded alll communications to them, so it is quite the same.
Top
Post Reply

Who is online

Users browsing this forum: GoogleOther [Bot], sebus46 and 100 guests
  4. RouterOS
  5. General