Community discussions

MikroTik App
just joined
Topic Author
Posts: 1
Joined: Mon Jul 27, 2020 2:22 pm

join 2 ports without dhcp

Fri Oct 16, 2020 6:42 pm

I have looked at many items on this forum, but nothing quite gives me what I need. I have tried everything within my skillset but am now stuck.
This is what I am trying to achieve.
port1 broadband
port 2-4 Lan on ip with DHCP
port 5 another network which has its own dhcp.
be able to see each network, ie

first I tried just using the standard bridge and joining all 5 together, but this just sent the DHCP form each network back to the other network.
second I tried giving each port 2-5 and 5 a static IP and, then linking them together with a firwall filter rule, but all I have done is block the connections altogether.

Any pointers would be apreciated.
Long time Member
Long time Member
Posts: 516
Joined: Sat May 05, 2018 11:55 am

Re: join 2 ports without dhcp

Fri Oct 16, 2020 10:19 pm

If you have a working setup with ether1 as WAN and ether2-5 in a bridge as LAN all you should have to do is remove ether5 from the bridge and add an IP address to that port.

The mikrotik will route traffic between the two subnets, subject to firewall rules, but you will have to make changes to devices on the subnet in order for traffic to be returned. This can be static routes on each device, or a static route on the other router for the subnet.

A diagram of exactly what you are trying to achieve would likely be more useful than attempting to infer everything from a brief description.
User avatar
Forum Guru
Forum Guru
Posts: 5413
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: join 2 ports without dhcp

Sat Oct 17, 2020 2:16 am

I would use VLANS to separate the subnets and all tied to one bridge.
That way all the interfaces can be on the bridge (except ether1 to your modem) and then you can run vlans (subnets) over any interface you wish (max flex).
Finally use Firewall forward chain rules to create any cross talk you wish to permit, for example all the users in vlan10, are allowed access to the shared Printer IP address on VLAN 20, or
vlan 10 users (3 of them by firewall address list) are allowed to access a server on vlan20 and so on.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!

Who is online

Users browsing this forum: ahtoh, Majestic-12 [Bot] and 134 guests