I am struggling with setting up access between my 2 LANs at home.
Here is how network built
Important to add that TPlink is connected through WAN and has it's own network. This setup is needed for many personal reasons.
So, basically
I am able now to ping 192.168.88.xxx from 192.168.0.xxx which is logical since it's parent network
However, I can't neither ping 192.168.0.xxx nor access it from 192.168.88.xxx
I want to have access from 192.168.0.xxx to 192.168.88.xxx and vice verca.
I have tried multiple dst-nat and src-nat rules from the forum, however, no luck.
Could you please advise, is this even possible?
Adding ip settings:
Thank you in advance/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name=defconf
/ip accounting
set account-local-traffic=yes enabled=yes
/ip address
add address=192.168.88.1/24 comment=defconf interface=ether2 network=192.168.88.0
/ip cloud
set ddns-update-interval=5m
/ip dhcp-client
add comment=defconf disabled=no interface=ether1 use-peer-dns=no
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
add address=8.8.8.8 name="Google Public DNS"
/ip neighbor discovery-settings
set discover-interface-list=LAN
/ip firewall filter
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
/ip firewall nat
add action=dst-nat chain=dstnat dst-address=192.168.88.1 dst-port=8124 protocol=tcp to-addresses=192.168.88.252 to-ports=8123
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN
add action=dst-nat chain=dstnat dst-address-type=local dst-port=8123 protocol=tcp to-addresses=192.168.88.252 to-ports=8123
add action=masquerade chain=srcnat dst-address=192.168.88.252 dst-port=8123 out-interface=bridge protocol=tcp src-address=192.168.88.0/24
add action=dst-nat chain=dstnat dst-port=7356 in-interface=ether1 protocol=udp to-addresses=192.168.88.210 to-ports=7356
/ip traffic-flow
set enabled=yes interfaces=bridge