Community discussions

MikroTik App
 
Diosim
just joined
Topic Author
Posts: 1
Joined: Thu Feb 10, 2022 3:56 pm

Can't ping across VLans

Fri May 27, 2022 11:31 am

10.0.0.0 base network
10.0.30.0 IOT network

10.0.0.1 (mikrotik terminal) ping to 10.0.30.21 OK
10.0.0.11 ping to 10.0.30.21 timeout
10.0.30.21 is a device on a virtual wireless interface
sniffer shows as dst address the master interface of the virtual one

this is a ping from 10.0.0.11 to 10.0.30.21
INTERFACE TIME NUM DIR SRC-MAC DST-MAC VLAN SRC-ADDRESS DST-ADDRESS PROTOCOL SIZE CPU
VLAN99_BASE 80.487 409 <- 64:00:6A:87:05:48 B8:69:F4:FA:C8:7C 10.0.0.11 10.0.30.21 ip:icmp 98 0

master wireless interface - B8:69:F4:FA:C8:7C
virtual wireless interface - BA:69:F4:FA:C8:7D
You do not have the required permissions to view the files attached to this post.
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: Can't ping across VLans

Fri May 27, 2022 12:46 pm

What is your network topology ?
InterVLAN routing should and will work unless you ve manually blocked the communication or in cases of wrong VLAN configuration etc...
 
holvoetn
Forum Guru
Forum Guru
Posts: 5405
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: Can't ping across VLans  [SOLVED]

Fri May 27, 2022 12:58 pm

In my opinion, your problem is here in forward chain (I removed the disabled rules):
add action=accept chain=forward comment="Allow Estab & Related" \
    connection-state=established,related
add action=accept chain=forward comment="Wireguard access to ALL" \
    in-interface=wireguard
add action=accept chain=forward comment="VLAN Internet Access only" \
    connection-state=new in-interface-list=VLAN out-interface-list=WAN
add action=accept chain=forward comment="Allow port forwarding - DSTNAT" \
    connection-nat-state=dstnat
add action=drop chain=forward comment=Drop
You allow all VLAN access to WAN but further on nothing towards VLAN30.
And then the drop rule hits effectively doing what it is supposed to do. Drop all what gets there.

Who is online

Users browsing this forum: Amazon [Bot], DMITRYB, fibracapi, sid5632, whernandez and 100 guests