I've got the following network configuration:
- Comtrend 5813 FTTH Router, connected to WAN, let's say in 192.168.50.x (being .1 router's address) and a DHCP server active, giving addresses from .150 to .200
- Mikrotik 951G-2HnD connected to the Comtrend router, with address .2
This configuration works for ethernet; I mean, I can plug a computer to Mikrotik and the machine will get its own IP address and will be able to browse internet.
I need to setup 2 different WLANs, each of them in different subnets, 192.168.60.0/24 and 192.168.70.0/24
For that I set up 2 different DHCP servers in Mikrotik, assigned to each Virtual AP, and with Mikrotiks address as .2 on both (192.168.60.2 and 192.168.70.2).
When I connect one device to those WLANs I get a correct IP but I'm not able to get traffic pass through the router to the internet.
I've tried using different routing options, but it seems I don't master Mikrotik's architecture enough.
Can anyone guide me to get this job done?
Thanks!
Best Answer
It sounds like you may need to configure the firewall to pass through the NAT traffic on the Mikrotik. This is 'masquerading'.
When you enable NAT, by default the Mikrotik doesn't enable masquerading and as a result won't pass through established traffic. You must specifically enable the Firewall rule. An equivalent in IPTABLES would be the basic "allow all established" rule.
Where Public is the name of the interface on your WAN facing port (in your example with the 192.168.50.1 IP).
reference: http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT