In my case, two separate business entities share the same office space, each having its own source of internet. They operate from two different software but want to share information from the two software at the same time on their separate LAN networks. I advised that they get a Mikrotik router for that purpose, RB2011 to be precise.
I have two different sources of internet connections to one Mikrotik Router (RB2011). WAN1 is connected to ether1 of the router and WAN2 is connected to ether6. Now, I also have ether2 to ether5 on bridge1, and likewise ether7 to ether10 on bridge2. This explains that I have two different LAN IP blocks on both bridge1 and bridge2. I have been able to configure the router such that, LAN1 uses WAN1 as its internet gateway, and LAN2 uses WAN2 as its internet gateway. This is working perfectly for me without problems.
My aim is to have LAN1 and LAN2 go through their separate internet gateways as I have explained but still allow the two LAN networks on the same router to communicate with each other. I have realized that, when I disable the mangle rule, the 2 LAN networks are able to communicate, but lose internet connection.
Please, I need help to make the two LAN networks communicate with each other while they go through the different internet gateways... I really want a way to make the two LAN networks on the same router to reach each other.
Code: Select all
/ip address
add address=192.168.10.10/24 comment=LAB-Net-WAN interface=ether1 network=192.168.10.0
add address=192.168.20.10/24 comment=Clinic-Net-WAN interface=ether7 network=192.168.20.0
add address=192.168.1.1/24 comment=LAB-Net interface=Lab-br0 network=192.168.1.0
add address=192.168.100.1/24 comment=Clinic-Net interface=Clinic-br0 network=192.168.100.0
/ip firewall mangle
add action=mark-routing chain=prerouting new-routing-mark=Lab-Net src-address=192.168.1.0/24
add action=mark-routing chain=prerouting new-routing-mark=Clinic-Net src-address=192.168.100.0/24
/ip route
add comment=Clinit distance=1 gateway=192.168.20.1 routing-mark=Clinic-Net
add comment=Lab distance=1 gateway=192.168.10.1 routing-mark=Lab-Net
add distance=1 gateway=192.168.10.1
add distance=1 gateway=192.168.20.1
/ip firewall filter
add action=accept chain=forward connection-state=established,related
add action=accept chain=input connection-state=established,related
add action=accept chain=input packet-size=0-128 protocol=icmp
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1 src-address=192.168.1.0/24
add action=masquerade chain=srcnat out-interface=ether7 src-address=192.168.100.0/24