I am new to Mikrotik and to networking as a whole. I would like to set up a Router on the stick with Mikrotik as the router. I have the following setup:
ether1: 192.168.88.0/24 (LAN)
ether10:192.168.100.0/24 (Router-Firewall)
I would like to ping from 192.168.88.0/24 subnet to hosts in 192.168.100.0/24 subnet, but i can't.
The end goal is that :
192.168.88.0/24 to foward the traffic to a firewall that is in the 192.168.100.0 subnet, and the 192.168.100.0/24 to be only for the communication between Mikrotik and the Firewall. (Maybe 192.168.100.0/30)
I would get basic routing working first, then worry about setting up the firewall on the MikroTik. This is assuming that you already have an upstream firewall in the 192.168.100.0/24 network.
If you are new to networking, the
article referenced by @tangent probably looks pretty intimidating, at least it would have to me when I was first learning.
If you have the router setup with two network interfaces with ip addresses, the router should be able to route between them, but there is more needed than just routes on the RB1100Dx4 router; the hosts that want to communicate with each other must know how to get to the network on the other side of the RB1100Dx4.
How are the hosts in 192.168.88.0/24 and 192.168.100.0/24 getting their ip configurations?
If these are windows PC's what do you get from the command:
netstat -rn
ipconfig /all
when that is issued at the command prompt of the two PCs trying to ping each other?
Also, remember that windows PC also have a windows firewall that will block new connections from host that are not on the same network, unless you change that.
Since you RB1100Dx4 has ip addresses in each network, you can do some troubleshooting with it.
From a PC in the 192.168.88.0/24 network can you ping 192.168.88.1?
From a PC in the 192.168.88.0/24 network can you ping 192.168.100.2?
From a PC in the 192.168.100.0/24 network, can you ping 192.168.100.2?
From a PC in the 192.168.100.0/24 network, can you ping 192.168.88.1?
From the RB1100Dx4 router, you can use ping to verify that the hosts are willing to reply to pings from same and another network. (assuming devices with ip addresses 192.168.88.10 and 192.168.100.20)
> ping 192.168.88.10 count=4
> ping 192.168.88.10 src-address=192.168.100.2 count=4
> ping 192.168.100.20 count=4
> ping 192.168.100.20 src-address=192.168.88.1 count=4
For a more gentle introduction to fundamentals, I suggest watching this
Networking Fundamentals youtube series by Ed Harmoush (it is generic, not MikroTik specific).
Once you have the fundamentals under your belt, then there are some more advanced MikroTik specific youtube videos.
If you really want to learn networking without needing a lab full of equipment, you can load GNS3 or EVE-ng and emulate routers. That a good way to test complex configs, and you can easily configure and save your labs, but it isn't quite the same as real hardware, where you will run into other issues that are harder to simulate (bad cables, duplex mismatches, etc.).
Here's a good video on troubleshooting with
MikroTik Getting Started: MikroTik Troubleshooting (Basics to Advanced) by @TheNetworkBerg