annage2007 -
thanks for all yor replys the problems were solved
Sure would be nice for everyone to know how you fixed your issues - that's the purpose of the forum - to share knowledge...
samsoft08 -
Main ROS --- Main AP (RB333) ====== client ( RBxxx ) -----client ROS ---- client network
1- Main ROS : Wan - NAT - Lan .... xx.xx.xx.xx , 192.168.1.1
2- Main AP : eth1 + wlan1 = bridge1 .... 192.168.1.2
3- client RBxxx : eth1 + wlan1 = bridge1 ..... 192.168.1.3
4- client ROS : Wan - NAT - Lan ..... 192.168.1.4 , 192.168.2.1
You are already using 192.168.2.x for your client. I prefer to use 10.x.x.x for 'distribution' networks - you can use whatever private addressing scheme you want the info here would still be valid - just change the IP networks to what you want.
1 - Main: WAN - NAT - LAN.... xx.xx.xx.xx, 192.168.1.1 (netmask?) /24?
Add a NAT rule to NAT Client IPs - currently you have 192.168.2.X/?
Add a NAT rule to NAT 10.0.0.0/23 (going to use this for your distribution)
Add a routing rule - src 0.0.0.0/0 dst 0.0.0.0/0 action=lookup table=main
Add default route dst 0.0.0.0/0 gw=xx.xx.xx.xx (WAN)
Add route 192.168.2.x gw= 192.168.1.2 (to Main AP)
Add a route 10.0.0.0/23 gw=192.168.1.2 (to Main AP)
2 - Main AP: LAN ...192.168.1.2 WLAN...10.0.0.1/24
Add a routing rule - src 0.0.0.0/0 dst 0.0.0.0/0 action=lookup table=main
Add a route 192.168.2.x/? gw=10.0.0.2 (to Client RB)
Add a route 10.1.1.0/24 gw=10.0.0.2 (to Client RB)
Add default route dst 0.0.0.0/0 gw=192.168.1.1 (To MAIN)
3 - Client RB: WLAN...10.0.0.2/24 LAN...10.1.1.1/24
Add a routing rule - src 0.0.0.0/0 dst 0.0.0.0/0 action=lookup table=main
Add a route 192.168.2.x/? gw=10.1.1.2 (to Client ROS)
Add default route 0.0.0.0/0 gw=10.0.0.1 (to Main AP)
4 - Client ROS WAN...10.1.1.2/24 LAN...192.168.2.1/?
Add a routing rule - src 0.0.0.0/0 dst 0.0.0.0/0 action=lookup table=main
Add default route 0.0.0.0/0 gw=10.1.1.1 (to Client RB)
That should do it........ Of course you have to take everything out of the bridge.... The easiest way to do this is assign the addressing scheme you want to use to the interfaces indicated, but assign them TO the interfaces, not the bridges. Add the routes, NATs and Route Rules. Then - starting at the client ROS, disable the bridges one at a time. Now it make take a few minutes to get the units back after you take them out of bridge mode.....so wait for each unit to come back in turn before proceeding to the next unit. That way if you mis-type something you should be able to get back in via MAC telnet and fix it from the unit 'before' the one that you disabled the bridge on.
razvan_fzl - Too many variables to do OSPF here on the forum...the Wiki has the right info - just watch the version you are using, and be warned that some of the 3.x versions do not work well....
R/