Community discussions

MikroTik App
 
wisper1
just joined
Topic Author
Posts: 1
Joined: Mon Jul 25, 2005 5:37 am

Router send traffic in both directions

Mon Jul 25, 2005 5:43 am

OK firstly I don't want to sound mean but don't tell me to RTFM cuz I have and I still can't even find an answer to a question as simple as this in it.

Theoretical situation...

Computer A is 192.168.1.5
Computer B is 192.168.2.5

Router
eth1 is 192.168.1.10
eth2 is 192.168.2.10

CompA ----- eth1=ROUTER=eth2 ------ CompB

All I want is for BOTH machines to be able to ping/send traffic to each other. It's easy enough to set it up where B can talk to A but to get it where A can talk to B isn't mentioned anywhere in the manual. And I'm not sure if this is an issue of Routing table entries, NAT setup, or just firewall blocking it.

Quickie edit.
I don't mean I want to just reverse the process and have A talk to B... I want it where they can simultaniously send back and forth.

Someone help me PLEEEAAASEE!
Thanks!
 
User avatar
tneumann
Member
Member
Posts: 394
Joined: Sat Apr 16, 2005 6:38 pm
Location: Germany

Mon Jul 25, 2005 12:37 pm

Huh? There should not be any problems at all with the setup you are describing.
As long as the computers on both sides of the router have correctly set their netmask
and their default gateway is the respective interface of the router, it will just work
(make sure you don't have firewall filters on the router that are blocking).

--Tom
 
User avatar
djape
Member
Member
Posts: 469
Joined: Sat Nov 06, 2004 7:54 pm
Location: Serbia

Mon Jul 25, 2005 3:03 pm

All you have to do is to set src-nat and dst-nat cause computers A and B are in different subnet!
So take a look which computer (subnet) is routed!
Let's try this:
# ADDRESS NETWORK BROADCAST INTERFACE
0 ;;; added by setup
192.168.1.10/24 192.168.1.0 192.168.1.255 eth1

1 ;;; added by setup
192.168.2.10/24 192.168.2.0 192.168. 2.255 eth2

# DST-ADDRESS G GATEWAY DISTANCE INTERFACE
0 DC 192.168.1.0/24 0.0.0.0 0 eth1
1 DC 192.168.2.0/24 0.0.0.0 0 eth2

ip firewall src-nat print
src-address=192.168.1.5/32 out-interface=Public action=nat
to-src-address=192.168.2.4

ip firewall dst-nat print
dst-address=192.168.2.4 action=nat to-dst-address=192.168.1.5

So, now you should be able to access computer B from computer A by pinging 192.168.2.5 and also should be able to access computer A from computer B by pinging 192.168.2.4 (Computer A will physically still have 192.168.1.5)

Please, note that I wrote this without having router near me, so it's very possible that I have made mistake. Anyhow, the problem you have is regarding firewall src-nat and dst-nat rules!

Give a try and tell me what happened, we will fix it :)

Cheers...
I drink like a pirate and smoke like a hippie...
 
GJS
Member
Member
Posts: 418
Joined: Sat May 29, 2004 4:07 pm
Location: London

Mon Jul 25, 2005 3:52 pm

djape - there is no need for any NAT in this setup.

The information we are missing is the subnet mask for each address. If the subnet mask for each address is /24 or 255.255.255.0 then all that is needed is to add the router addresses to each router interface. Dynamic routing table entries will take care of the routing.
Guy

wispuk.org
A Forum Community for UK WISPs

Who is online

Users browsing this forum: MSN [Bot] and 118 guests