Mikrotik Routers (RouterBoard & RouterOS)

Lowyat.NET forums

Lowyat.NET Kopitiam Garage Sales

Lowyat.NET Rules and Regulations FAQ Help Search Members

Welcome Guest ( Log In | Register )

Lowyat.NET -> Networks and Broadband

Bump Topic Add Reply RSS Feed

Outline · [ Standard ] · Linear+

Enterprise Networking Mikrotik Routers (RouterBoard & RouterOS), User and owner discussion group

views

Prince of Andalus	Apr 19 2012, 08:59 AM Return to original view \| Post #1
Casual Junior Member 365 posts Joined: Dec 2006	anybody can help in mikrotik forum? i'm just stuck in configuring intervlan routing in mikrotik.. http://forum.mikrotik.com/viewtopic.php?f=2&t=61219 Hi everyone, I just got 1 RB750UP to play with. I'm trying to configurre intervlan routing in this model but not fully functional. This my diagram. User A - can ping 8.8.8.8 (internet) - can ping 192.168.0.254 (ADSL internal interface) - can ping 10.0.0.1 (br-vlan2) - can not ping user B (10.0.0.200) User B - can not ping 8.8.8.8 (internet) - can not ping 192.168.0.254 (ADSL internal interface) - can ping 192.168.0.1 (br-vlan1) - can ping user A (192.168.0.200) 1. How do i make user A can ping user B (10.0.0.200)? 2. How do i make user B can ping 192.168.0.254 (ADSL internal interface) and the internet through that? TQ very much for your help. This is my config CODE [admin@MikroTik] > /ip address print detail Flags: X - disabled, I - invalid, D - dynamic 0 address=192.168.0.1/24 network=192.168.0.0 interface=br-vlan1 actual-interface=br-vlan1 1 address=10.0.0.1/24 network=10.0.0.0 interface=br-vlan2 actual-interface=br-vlan2 CODE [admin@MikroTik] > /ip route print detail Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 0 A S dst-address=0.0.0.0/0 gateway=192.168.0.254 gateway-status=192.168.0.254 reachable br-vlan1 distance=1 scope=30 target-scope=10 1 ADC dst-address=10.0.0.0/24 pref-src=10.0.0.1 gateway=br-vlan2 gateway-status=br-vlan2 reachable distance=0 scope=10 2 ADC dst-address=192.168.0.0/24 pref-src=192.168.0.1 gateway=br-vlan1 gateway-status=br-vlan1 reachable distance=0 scope=10 CODE [admin@MikroTik] > /interface print detail Flags: D - dynamic, X - disabled, R - running, S - slave 0 name="ether1-gateway" type="ether" mtu=1500 l2mtu=1600 1 R name="ether2-master-local" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=2030 2 R name="ether3-slave-local" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=2030 3 name="ether4-slave-local" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=2030 4 R name="ether5-slave-local" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=2030 5 R name="vlan1" type="vlan" mtu=1500 l2mtu=1594 6 name="vlan2" type="vlan" mtu=1500 l2mtu=1594 7 R name="br-vlan1" type="bridge" mtu=1500 l2mtu=1594 8 R name="br-vlan2" type="bridge" mtu=1500 l2mtu=1598 CODE [admin@MikroTik] > /ip firewall export # jan/02/1970 00:58:50 by RouterOS 5.6 # software id = 1SD1-VBKI # /ip firewall connection tracking set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \ tcp-close-wait-timeout=10s tcp-established-timeout=1d \ tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \ tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \ tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s /ip firewall filter add action=accept chain=input comment="default configuration" disabled=no \ protocol=icmp add action=accept chain=input comment="default configuration" \ connection-state=established disabled=no add action=accept chain=input comment="default configuration" \ connection-state=related disabled=no add action=drop chain=input comment="default configuration" disabled=yes \ in-interface=ether1-gateway /ip firewall nat add action=masquerade chain=srcnat comment="default configuration" disabled=\ no out-interface=ether1-gateway /ip firewall service-port set ftp disabled=no ports=21 set tftp disabled=no ports=69 set irc disabled=no ports=6667 set h323 disabled=no set sip disabled=no ports=5060,5061 sip-direct-media=yes set pptp disabled=no TQ
Card PM	Report Top Like Quote Reply

Prince of Andalus	Apr 20 2012, 07:31 AM Return to original view \| Post #2
Casual Junior Member 365 posts Joined: Dec 2006	QUOTE(asellus @ Apr 19 2012, 09:30 AM) Put output of '/interface vlan print' here. A question - why you don't put the ADSL router at ether-gateway interface? You are lucky that the ADSL router and vlan1 is in the same broadcast domain, else User A will not be able to connect to the Internet. hehehe.. actually my actual diagram is different.. not using ADSL router but have to other equipment to do NATing QUOTE(JinXXX @ Apr 19 2012, 09:42 AM) routing ? issue ? or just need to configure firewall for access ? the src net for the other vlan domain ? the solution is code][admin@MikroTik] > /ip firewall nat print Flags: X - disabled, I - invalid, D - dynamic 0 ;;; default configuration chain=srcnat action=masquerade out-interface=ether1-gateway 1 chain=srcnat action=masquerade src-address=10.0.0.0/24 2 chain=srcnat action=masquerade src-address=192.168.0.0/24[/code] hehehe.. So i'm moving forward configuring my mikrotik. :-) http://forum.mikrotik.com/viewtopic.php?f=...=312892#p312892
Card PM	Report Top Like Quote Reply

« Next Oldest · Networks and Broadband · Next Newest »

Add Reply Options

Change to:

0.0225sec

0.38

7 queries

GZIP Disabled
Time is now: 4th December 2025 - 02:34 PM

All Rights Reserved © 2002- 2025 Vijandren Ramadass (~unite against racism~)

Removal Request

Powered by Invision Power Board © 2025 IPS, Inc.