Hello there,
I have three networks with different IP ranges and subnets and all have the same gateway router as follows:
1- Mikrotik Router RB2011UiAS [Gateway] LAN xxx.xxx.xxx.51/29 Real IP Gateway and on three next routers
2- Mikrotik Router RB40111GS+ [Section A] WAN IP xxx.xxx.xxx.52/29 - LAN subnet A 192.168.10.1/24 >>> have here 2 servers
3- Mikrotik Router RB1100AHx4 [Section B] WAN IP xxx.xxx.xxx.53/29 - LAN subnet B 192.168.20.1/24 >>> have here 2 servers
4- Mikrotik Router RB951G-2HnD [Section C] WAN IP xxx.xxx.xxx.54/29 - LAN subnet C 192.168.30.1/24 >>> have here 1 server
I need any pc on any network to have access to any server on any network (servers have login policies no problem)
any help is appreciated
Regards
Re: Three Networks behind 3 Routers with same Gateway
Maybe just add routes and adjust firewalls? Tell routers A and B that 192.168.30.0/24 is behind xxx.xxx.xxx.54, etc. Then allow this traffic in. That's if it's all safe and you don't mind this traffic going over the wires as is. Otherwise you might need some encrypted tunnels.
Re: Three Networks behind 3 Routers with same Gateway
What I need is to let any pc in network A, B, or C to see any server in these three networks even if the IP is different.
I did a VPN connection and it worked but I don't need this method.
I did a VPN connection and it worked but I don't need this method.
Re: Three Networks behind 3 Routers with same Gateway
What is the purpose of having 4 routers, where 1 would be sufficient?
In regards to access to servers: consider dividing into 6 VLAN's, 3 server VLAN's (per network) and 3 client VLAN's per network.
Access can then be easily handled by the correct firewall rules.
Love to link this topic: viewtopic.php?f=23&t=143620
In regards to access to servers: consider dividing into 6 VLAN's, 3 server VLAN's (per network) and 3 client VLAN's per network.
Access can then be easily handled by the correct firewall rules.
Love to link this topic: viewtopic.php?f=23&t=143620
Re: Three Networks behind 3 Routers with same Gateway
Sob already solve It, but to be more specific and not change you topology, you can accomplish by doing:Maybe just add routes and adjust firewalls? Tell routers A and B that 192.168.30.0/24 is behind xxx.xxx.xxx.54, etc. Then allow this traffic in. That's if it's all safe and you don't mind this traffic going over the wires as is. Otherwise you might need some encrypted tunnels.
1) Add a static route in router A, with networks reachable by routers B and C:
/ip/route/add dst-address=192.168.20.0/24 gateway=xxx.xxx.xxx.53
/ip/route/add dst-address=192.168.30.0/24 gateway=xxx.xxx.xxx.54
2) Add a static route in router B, with routes reachable by routers A and C:
/ip/route/add dst-address=192.168.10.0/24 gateway=xxx.xxx.xxx.52
/ip/route/add dst-address=192.168.30.0/24 gateway=xxx.xxx.xxx.54
3)Add a static route in router C, with routes reachable by routers A and B:
/ip/route/add dst-address=192.168.10.0/24 gateway=xxx.xxx.xxx.52
/ip/route/add dst-address=192.168.20.0/24 gateway=xxx.xxx.xxx.53
4)Allow traffic in firewall for those networks, in case you have any rule blocking it. Remember to put it above drop rules. Something like this:
/ip/firewall/filter/add chain=forward dst-address=192.168.10.0/24 # Routers B and C
/ip/firewall/filter/add chain=forward dst-address=192.168.20.0/24 # Routers A and C
/ip/firewall/filter/add chain=forward dst-address=192.168.30.0/24 # Routers A and B
Also you should have a rule to allow stablished and related connections.
There are a many others ways to do It, even better ways. This is just the simplest one.