Re: [AFMUG] Mikrotik routing
Brett, Just a suggestion, call someone that can help you. You will spend a bit but you can get it going quickly. Dennis Burgess, CTO, Link Technologies, Inc. den...@linktechs.net – 314-735-0270 – www.linktechs.net -Original Message- From: Af [mailto:af-boun...@afmug.com] On Behalf Of Brett A Mansfield Sent: Tuesday, June 09, 2015 9:27 PM To: af@afmug.com Subject: [AFMUG] Mikrotik routing I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
On 06/09/2015 11:42 PM, Brett A Mansfield wrote: They can ping the WAN public, but not the next hop. This usually indicates a problem on the upstream router. No route or wrong route to the public subnet. -- Butch Evans 702-537-0979 Network Support and Engineering http://store.wispgear.net/ http://www.butchevans.com/
Re: [AFMUG] Mikrotik routing
I did figure it out, thanks. Now I need to figure out the firewall. Thank you, Brett A Mansfield On Jun 10, 2015, at 4:41 PM, Glen Waldrop gwl...@cngwireless.net wrote: Get it figured out? I might be able to give you a hand. Hit me up off list. From: Brett A Mansfield Sent: Wednesday, June 10, 2015 12:17 AM To: af@afmug.com Subject: Re: [AFMUG] Mikrotik routing I have. I even tried it not bridged. I can always get it working just fine with NAT on a private subnet on a VLAN, it just doesn't want to route my public IP addresses that are not on a VLAN. Thank you, Brett A Mansfield On Jun 9, 2015, at 11:12 PM, That One Guy /sarcasm thatoneguyst...@gmail.com wrote: Wasn't there something posted the other day about these ccrs and cores to ports? Have you tested this in all 7 bridged ports with the same result? On Jun 9, 2015 11:42 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: They can ping the WAN public, but not the next hop. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:40 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Can the devices on publics ping the WAN public? Next hop up? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Jun 9, 2015 11:39 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: All UBNT. Almost every model XM and XW and a few dozen of their AC line. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:31 PM, George Skorup geo...@cbcast.com wrote: What radios? On 6/9/2015 9:44 PM, Brett A Mansfield wrote: The public is on bridge1. VLAN 100 is a layer on top of bridge1. So public is not tagged and VLAN 100 is, both on bridge1. I have each CPE getting an IP address on VLAN 100 and bridging the public to the customers router. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:39 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Is 192.168.100.1 and 108.165.x.x both on the vlan interface? Or one bridge1 and one vlan100? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:36 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
On 06/10/2015 03:52 PM, Butch Evans wrote: On 06/09/2015 11:42 PM, Brett A Mansfield wrote: They can ping the WAN public, but not the next hop. This usually indicates a problem on the upstream router. No route or wrong route to the public subnet. To add a little to this. If the symptom is: * CAN ping the local gateway - layer2 is right * CAN ping any IP on the same device as local gateway - layer 2 is right AND the device (your pc) is correctly configured * Local Gateway router can ping anything - Gateway router is configured correctly. * IF you attempt to ping with a source address of your public range (in your case) FROM the router and it fails, then the issue is the same as below * CANNOT ping (from the PC) beyond the local gateway router - Routing is broken in some other router -- Butch Evans 702-537-0979 Network Support and Engineering http://store.wispgear.net/ http://www.butchevans.com/
Re: [AFMUG] Mikrotik routing
Get it figured out? I might be able to give you a hand. Hit me up off list. From: Brett A Mansfield Sent: Wednesday, June 10, 2015 12:17 AM To: af@afmug.com Subject: Re: [AFMUG] Mikrotik routing I have. I even tried it not bridged. I can always get it working just fine with NAT on a private subnet on a VLAN, it just doesn't want to route my public IP addresses that are not on a VLAN. Thank you, Brett A Mansfield On Jun 9, 2015, at 11:12 PM, That One Guy /sarcasm thatoneguyst...@gmail.com wrote: Wasn't there something posted the other day about these ccrs and cores to ports? Have you tested this in all 7 bridged ports with the same result? On Jun 9, 2015 11:42 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: They can ping the WAN public, but not the next hop. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:40 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Can the devices on publics ping the WAN public? Next hop up? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Jun 9, 2015 11:39 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: All UBNT. Almost every model XM and XW and a few dozen of their AC line. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:31 PM, George Skorup geo...@cbcast.com wrote: What radios? On 6/9/2015 9:44 PM, Brett A Mansfield wrote: The public is on bridge1. VLAN 100 is a layer on top of bridge1. So public is not tagged and VLAN 100 is, both on bridge1. I have each CPE getting an IP address on VLAN 100 and bridging the public to the customers router. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:39 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Is 192.168.100.1 and 108.165.x.x both on the vlan interface? Or one bridge1 and one vlan100? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:36 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
There is a ton of good information on the MT forums. Offer still stands. - Original Message - From: Brett A Mansfield To: af@afmug.com Sent: Wednesday, June 10, 2015 5:51 PM Subject: Re: [AFMUG] Mikrotik routing I did figure it out, thanks. Now I need to figure out the firewall. Thank you, Brett A Mansfield On Jun 10, 2015, at 4:41 PM, Glen Waldrop gwl...@cngwireless.net wrote: Get it figured out? I might be able to give you a hand. Hit me up off list. From: Brett A Mansfield Sent: Wednesday, June 10, 2015 12:17 AM To: af@afmug.com Subject: Re: [AFMUG] Mikrotik routing I have. I even tried it not bridged. I can always get it working just fine with NAT on a private subnet on a VLAN, it just doesn't want to route my public IP addresses that are not on a VLAN. Thank you, Brett A Mansfield On Jun 9, 2015, at 11:12 PM, That One Guy /sarcasm thatoneguyst...@gmail.com wrote: Wasn't there something posted the other day about these ccrs and cores to ports? Have you tested this in all 7 bridged ports with the same result? On Jun 9, 2015 11:42 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: They can ping the WAN public, but not the next hop. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:40 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Can the devices on publics ping the WAN public? Next hop up? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Jun 9, 2015 11:39 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: All UBNT. Almost every model XM and XW and a few dozen of their AC line. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:31 PM, George Skorup geo...@cbcast.com wrote: What radios? On 6/9/2015 9:44 PM, Brett A Mansfield wrote: The public is on bridge1. VLAN 100 is a layer on top of bridge1. So public is not tagged and VLAN 100 is, both on bridge1. I have each CPE getting an IP address on VLAN 100 and bridging the public to the customers router. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:39 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Is 192.168.100.1 and 108.165.x.x both on the vlan interface? Or one bridge1 and one vlan100? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:36 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
The public is on bridge1. VLAN 100 is a layer on top of bridge1. So public is not tagged and VLAN 100 is, both on bridge1. I have each CPE getting an IP address on VLAN 100 and bridging the public to the customers router. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:39 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Is 192.168.100.1 and 108.165.x.x both on the vlan interface? Or one bridge1 and one vlan100? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:36 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
Is 192.168.100.1 and 108.165.x.x both on the vlan interface? Or one bridge1 and one vlan100? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:36 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
To be clear, my internet connection is from a different /24 even though they are both 108.165.x.x. This is not a private email forum. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:36 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
[AFMUG] Mikrotik routing
I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
Wasn't there something posted the other day about these ccrs and cores to ports? Have you tested this in all 7 bridged ports with the same result? On Jun 9, 2015 11:42 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: They can ping the WAN public, but not the next hop. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:40 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Can the devices on publics ping the WAN public? Next hop up? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Jun 9, 2015 11:39 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: All UBNT. Almost every model XM and XW and a few dozen of their AC line. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:31 PM, George Skorup geo...@cbcast.com wrote: What radios? On 6/9/2015 9:44 PM, Brett A Mansfield wrote: The public is on bridge1. VLAN 100 is a layer on top of bridge1. So public is not tagged and VLAN 100 is, both on bridge1. I have each CPE getting an IP address on VLAN 100 and bridging the public to the customers router. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:39 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Is 192.168.100.1 and 108.165.x.x both on the vlan interface? Or one bridge1 and one vlan100? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:36 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
I have. I even tried it not bridged. I can always get it working just fine with NAT on a private subnet on a VLAN, it just doesn't want to route my public IP addresses that are not on a VLAN. Thank you, Brett A Mansfield On Jun 9, 2015, at 11:12 PM, That One Guy /sarcasm thatoneguyst...@gmail.com wrote: Wasn't there something posted the other day about these ccrs and cores to ports? Have you tested this in all 7 bridged ports with the same result? On Jun 9, 2015 11:42 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: They can ping the WAN public, but not the next hop. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:40 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Can the devices on publics ping the WAN public? Next hop up? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Jun 9, 2015 11:39 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: All UBNT. Almost every model XM and XW and a few dozen of their AC line. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:31 PM, George Skorup geo...@cbcast.com wrote: What radios? On 6/9/2015 9:44 PM, Brett A Mansfield wrote: The public is on bridge1. VLAN 100 is a layer on top of bridge1. So public is not tagged and VLAN 100 is, both on bridge1. I have each CPE getting an IP address on VLAN 100 and bridging the public to the customers router. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:39 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Is 192.168.100.1 and 108.165.x.x both on the vlan interface? Or one bridge1 and one vlan100? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:36 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
What radios? On 6/9/2015 9:44 PM, Brett A Mansfield wrote: The public is on bridge1. VLAN 100 is a layer on top of bridge1. So public is not tagged and VLAN 100 is, both on bridge1. I have each CPE getting an IP address on VLAN 100 and bridging the public to the customers router. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:39 PM, Josh Luthman j...@imaginenetworksllc.com mailto:j...@imaginenetworksllc.com wrote: Is 192.168.100.1 and 108.165.x.x both on the vlan interface? Or one bridge1 and one vlan100? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:36 PM, Brett A Mansfield li...@silverlakeinternet.com mailto:li...@silverlakeinternet.com wrote: The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24 http://192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com mailto:j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 tel:937-552-2340 Direct: 937-552-2343 tel:937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com mailto:li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
I'm happy to send the running config output if there's a command to do so similar to show run on Cisco. I can send it to somebody off list if they're willing to take a look and help me out. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:39 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Is 192.168.100.1 and 108.165.x.x both on the vlan interface? Or one bridge1 and one vlan100? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:36 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
Oh, yeah. Maybe there's an upstream router missing a route back to this router that has the public subnet configured? On 6/9/2015 10:40 PM, Josh Luthman wrote: Can the devices on publics ping the WAN public? Next hop up? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Jun 9, 2015 11:39 PM, Brett A Mansfield li...@silverlakeinternet.com mailto:li...@silverlakeinternet.com wrote: All UBNT. Almost every model XM and XW and a few dozen of their AC line. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:31 PM, George Skorup geo...@cbcast.com mailto:geo...@cbcast.com wrote: What radios? On 6/9/2015 9:44 PM, Brett A Mansfield wrote: The public is on bridge1. VLAN 100 is a layer on top of bridge1. So public is not tagged and VLAN 100 is, both on bridge1. I have each CPE getting an IP address on VLAN 100 and bridging the public to the customers router. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:39 PM, Josh Luthman j...@imaginenetworksllc.com mailto:j...@imaginenetworksllc.com wrote: Is 192.168.100.1 and 108.165.x.x both on the vlan interface? Or one bridge1 and one vlan100? Josh Luthman Office: 937-552-2340 tel:937-552-2340 Direct: 937-552-2343 tel:937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:36 PM, Brett A Mansfield li...@silverlakeinternet.com mailto:li...@silverlakeinternet.com wrote: The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24 http://192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com mailto:j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 tel:937-552-2340 Direct: 937-552-2343 tel:937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com mailto:li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
If you're plugged in directly to one of the bridged ports with a laptop or something, do the publics work? Does it only not work behind the radios? If so, there's something wrong with the VLAN config on the radios. On 6/9/2015 10:39 PM, Brett A Mansfield wrote: All UBNT. Almost every model XM and XW and a few dozen of their AC line. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:31 PM, George Skorup geo...@cbcast.com mailto:geo...@cbcast.com wrote: What radios? On 6/9/2015 9:44 PM, Brett A Mansfield wrote: The public is on bridge1. VLAN 100 is a layer on top of bridge1. So public is not tagged and VLAN 100 is, both on bridge1. I have each CPE getting an IP address on VLAN 100 and bridging the public to the customers router. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:39 PM, Josh Luthman j...@imaginenetworksllc.com mailto:j...@imaginenetworksllc.com wrote: Is 192.168.100.1 and 108.165.x.x both on the vlan interface? Or one bridge1 and one vlan100? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:36 PM, Brett A Mansfield li...@silverlakeinternet.com mailto:li...@silverlakeinternet.com wrote: The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24 http://192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com mailto:j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 tel:937-552-2340 Direct: 937-552-2343 tel:937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com mailto:li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
They can ping the WAN public, but not the next hop. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:40 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Can the devices on publics ping the WAN public? Next hop up? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Jun 9, 2015 11:39 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: All UBNT. Almost every model XM and XW and a few dozen of their AC line. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:31 PM, George Skorup geo...@cbcast.com wrote: What radios? On 6/9/2015 9:44 PM, Brett A Mansfield wrote: The public is on bridge1. VLAN 100 is a layer on top of bridge1. So public is not tagged and VLAN 100 is, both on bridge1. I have each CPE getting an IP address on VLAN 100 and bridging the public to the customers router. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:39 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Is 192.168.100.1 and 108.165.x.x both on the vlan interface? Or one bridge1 and one vlan100? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:36 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
All UBNT. Almost every model XM and XW and a few dozen of their AC line. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:31 PM, George Skorup geo...@cbcast.com wrote: What radios? On 6/9/2015 9:44 PM, Brett A Mansfield wrote: The public is on bridge1. VLAN 100 is a layer on top of bridge1. So public is not tagged and VLAN 100 is, both on bridge1. I have each CPE getting an IP address on VLAN 100 and bridging the public to the customers router. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:39 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Is 192.168.100.1 and 108.165.x.x both on the vlan interface? Or one bridge1 and one vlan100? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:36 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
At this point I haven't even connected the radios. All of my stuff is production on a UBNT edgerouter PRO. This Mikrotik will replace that edgerouter. I'm directly connecting to the Mikrotik with a laptop. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:47 PM, George Skorup geo...@cbcast.com wrote: Oh, yeah. Maybe there's an upstream router missing a route back to this router that has the public subnet configured? On 6/9/2015 10:40 PM, Josh Luthman wrote: Can the devices on publics ping the WAN public? Next hop up? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Jun 9, 2015 11:39 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: All UBNT. Almost every model XM and XW and a few dozen of their AC line. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:31 PM, George Skorup geo...@cbcast.com wrote: What radios? On 6/9/2015 9:44 PM, Brett A Mansfield wrote: The public is on bridge1. VLAN 100 is a layer on top of bridge1. So public is not tagged and VLAN 100 is, both on bridge1. I have each CPE getting an IP address on VLAN 100 and bridging the public to the customers router. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:39 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Is 192.168.100.1 and 108.165.x.x both on the vlan interface? Or one bridge1 and one vlan100? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:36 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
Re: [AFMUG] Mikrotik routing
I figured it out. I'm really not used to Mikrotik. It was because it wasn't getting the next hop. I had the gateway configured incorrectly. I guess I need to go back to networking 101! It's always something so simple! Thank you, Brett A Mansfield On Jun 9, 2015, at 10:19 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: At this point I haven't even connected the radios. All of my stuff is production on a UBNT edgerouter PRO. This Mikrotik will replace that edgerouter. I'm directly connecting to the Mikrotik with a laptop. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:47 PM, George Skorup geo...@cbcast.com wrote: Oh, yeah. Maybe there's an upstream router missing a route back to this router that has the public subnet configured? On 6/9/2015 10:40 PM, Josh Luthman wrote: Can the devices on publics ping the WAN public? Next hop up? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Jun 9, 2015 11:39 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: All UBNT. Almost every model XM and XW and a few dozen of their AC line. Thank you, Brett A Mansfield On Jun 9, 2015, at 9:31 PM, George Skorup geo...@cbcast.com wrote: What radios? On 6/9/2015 9:44 PM, Brett A Mansfield wrote: The public is on bridge1. VLAN 100 is a layer on top of bridge1. So public is not tagged and VLAN 100 is, both on bridge1. I have each CPE getting an IP address on VLAN 100 and bridging the public to the customers router. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:39 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Is 192.168.100.1 and 108.165.x.x both on the vlan interface? Or one bridge1 and one vlan100? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:36 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: The public IPs are not on a VLAN. The subnet is 108.165.x.0/24. I currently have eth1-eth7 bridged. Bridge1 is where I have the public IPs. Bridge1 VLAN 100 is the private IPs of 192.168.100.0/24. I don't use the SFP+ ports yet. Eth8 is the internet port. It has an IP address of 108.165.x.246/30. I currently have this confit on an UBNT edgerouter and it works flawlessly other than the random panics of the OS. The local public subnet is routed. Thank you, Brett A Mansfield On Jun 9, 2015, at 8:29 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Are the public IPs on the VLAN 100 interface? Need some configuration here. What are the device's IPs/subnets? What is the Mikrotik's LAN/vlan100 IP/subnet? What about WAN? Is the local LAN public subnet routed to the rest of the world? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, Jun 9, 2015 at 10:27 PM, Brett A Mansfield li...@silverlakeinternet.com wrote: I am fairly new to Mikrotik and I cannot get it to do what I want. I have the CCR1036-8G-2S+. I have one VLAN using private IPs. It’s VLAN 100. I also have a /24 subnet of public IPs. I have NAT setup for the VLAN because it does need internet access. I have no NAT on the untagged VLAN of public IPs. I can access the net using VLAN 100, but not the public IPs. Anyone else run into this or have any ideas or thoughts? I’ve tried both Static and Dynamic IPs. I have NOT tried to removing the VLAN 100 yet. I will give that a shot later today. I do not have any kind of firewall on here just yet. Thank you, Brett A Mansfield Silver Lake Internet, LLC
