Mikrotik forward traffic to another gateway
Solution 1
After some sniffing, it seems that I need to take down "invalid connection state" in the firewall for the internal LAN. There are 3 ways of solving this.
- Set the Cisco to send EVERYTHING to the Mikrotik at 192.168.1.253, including every packet that is destined to 192.168.1.0/24, even though it is local.
- Tear down the "invalid connection state" firewall rule for packets incoming to local.
- Set up a private network with a specific /30 net between the Mikrotik and the Cisco, like:
  - mikrotik: 192.168.1.253, 192.168.10.1/30
  - cisco: 192.168.10.2/30, 192.168.2.252/24

  then route every packet to 192.168.2.0/24 to 192.168.10.2/30. This third option is not available to me, but I put it here to give you another option.
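The asymmetric path behind Solution 1, as an added example that is not part of the original answers: a simplified Python model of which ICMP echo packets the Mikrotik sees and how a stateful firewall would classify them. The hosts 192.168.1.10 and 192.168.2.10 are constructed, and the model assumes that the Cisco delivers packets for 192.168.1.0/24 directly on-link and that an echo reply with no tracked request is classed as invalid.

```python
import ipaddress

LAN1 = ipaddress.ip_network("192.168.1.0/24")
MIKROTIK = "192.168.1.253"  # LAN1 default gateway (the Cisco is 192.168.1.252)


def mikrotik_sees(src, dst, symmetric=False):
    """True if a packet src -> dst passes through (or ends at) the Mikrotik."""
    if MIKROTIK in (src, dst):
        return True
    src_in_lan1 = ipaddress.ip_address(src) in LAN1
    dst_in_lan1 = ipaddress.ip_address(dst) in LAN1
    if src_in_lan1 and not dst_in_lan1:
        return True  # LAN1 hosts send off-link traffic to their default gateway
    if dst_in_lan1 and not src_in_lan1:
        # Assumption: the Cisco has a leg in LAN1 and delivers on-link,
        # bypassing the Mikrotik, unless the path is forced to be symmetric.
        return symmetric
    return False  # same-subnet traffic is never routed


def conntrack_state(table, kind, src, dst):
    """Simplified ICMP tracking: a reply is valid only if its request was seen."""
    if kind == "request":
        table.add((src, dst))
        return "new"
    return "established" if (dst, src) in table else "invalid"


def ping(src, dst, drop_invalid=True, symmetric=False):
    """Return True if the echo reply gets back to src."""
    table = set()  # the Mikrotik's connection table
    for kind, s, d in (("request", src, dst), ("reply", dst, src)):
        if not mikrotik_sees(s, d, symmetric):
            continue
        if conntrack_state(table, kind, s, d) == "invalid" and drop_invalid:
            return False  # the reply dies at the "drop invalid" rule
    return True


if __name__ == "__main__":
    a, b = "192.168.1.10", "192.168.2.10"  # constructed sample hosts
    print("LAN1 -> LAN2:", ping(a, b))
    print("LAN2 -> LAN1:", ping(b, a))
    print("LAN2 -> Mikrotik:", ping(b, MIKROTIK))
    print("LAN2 -> LAN1, invalid rule removed:", ping(b, a, drop_invalid=False))
    print("LAN2 -> LAN1, symmetric path:", ping(b, a, symmetric=True))
```

`symmetric=True` corresponds to the first and third options, where all inter-LAN traffic crosses the Mikrotik in both directions; `drop_invalid=False` corresponds to the second.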
Solution 2
If the router that links both network segments is the Cisco, why are you adding routing rules to the Mikrotik? Just add them to the Cisco.
Magician
Updated on June 04, 2022
Comments
Magician about 2 years
I have a problem with setting the Mikrotik to forward specific packets to another router.
Our devices are set up like this:
- LAN1: 192.168.1.0/24
  - Mikrotik: 192.168.1.253
  - Cisco: 192.168.1.252
- LAN2: 192.168.2.0/24
  - Cisco: 192.168.2.252

The main gateway set up in DHCP is 192.168.1.253, so every packet is sent to the Mikrotik.
I have set up a route on the Mikrotik like this:
/ip route add dst-address=192.168.2.0/24 gateway=192.168.1.252
Now, I can ping devices on 192.168.2.0/24, but 192.168.2.0/24 can't ping us back, except 192.168.1.253, which is the Mikrotik router. So it would seem that the Mikrotik won't forward all 192.168.2.0/24 packets to 192.168.1.252.
Is there anything I need to add?
Thank you
UPDATE: Actually, my problem is that 192.168.1.0/24 can reach 192.168.2.0/24 without problem. But 192.168.2.0/24 can only reach 192.168.1.253, but not other IPs in 192.168.1.0/24. I recorded packets incoming at 192.168.1.253, but the Mikrotik wouldn't forward them to 192.168.1.252.