Hello,
I am writing to ask you about the mikrotik router configuration for technology called Logitech Flow.
In short:

Logitech Flow uses the network to link multiple (up to three) computers and allow them to share a mouse and keyboard. To accomplish this, Flow uses a few different techniques depending on your network configuration:
- For computers on the same subnet that can ping each other using UDP broadcasts, Flow uses a fixed UDP port (59867) to listen for and discover other peers.
- For those computers that are behind routers or firewalls, Flow uses a Logitech cloud service to assist with peer discovery. This discovery technique uses TCP port 443 to communicate with the server and UDP port 59868 to listen for pings from peers.

As per documentation, computers should be connected to the same network and then it works fine.
But what I want to achieve is to make it work between two networks. I have a private and public network configured using single bridge with separate vlans based on this topic:
viewtopic.php?f=13&t=143620&sid=9b27454 ... 0399bb65d9 (Router-Switch-AP (all in one))

I've tried different configurations like dst nat using broadcast address, firewall rules etc but nothing works.
Based on torch output it tries to connect on port UDP 59867 to broadcast address within the same network.
So it is possible within one bridge, using different vlans to make it work?

I would be grateful for any tips.
Thanks,
Sebastian

Broadcast packets are never routed, discovery protocols such as this only work within a particular LAN or VLAN. Your quote suggests that Logitech have a backup method for devices in different broadcast domains 'computers that are behind routers or firewalls', but they do not say if that works if the devices are behind the same firewall.

Thanks for the update! I thought that maybe broadcast packets can work within the same bridge.
So in this case it seems that the first solution is not possible.

Regarding the second solution there is one additional sentence on Logitech support page:

Only certain device information are sent to the server and is sent and stored encrypted for security. Once peers discover each other, they use TCP port 59866 to establish a secure peer network to send control data. All traffic sent across this network is also encrypted for security purposes.

Even though I was not able to make it work. I couldn't catch any traffic on TCP port 59866
If you have any other ideas it would be great. In the meantime, I will contact with their support and ask if it can work behind the same firewall.