Problem Route with LAN?

KOM

If I understand you correctly, you're asking a pfSense forum how to configure your Mikrotik to be just a switch or bridge?

https://forum.mikrotik.com/

akuma1x

Why don't you NOT double router/firewall your network, and use only 1 of those devices - either pfsense or mikrotik?

Jeff

kor_sal

This post is deleted!

kor_sal

This post is deleted!

johnpoz

Create a gateway in pfsense pointing to your 20.x.x.x/30 IP of your mik router - btw 20 - is public space.. Don't use that as a transit network.. use 10/30 if yoru using 192.168 and 172 address space.. Also 172.168 as also public.. Are those typo's? Did you pull those out your ____ ?

Once you have the gateway setup to your mik, create a route for the networks downstream of your mik.. Your mik is not natting is it?? If so to allow traffic to network behind mik you would have to create port forwards on your mik.

Then create rules on opt to allow the trafic you want.

Still wondering what is the point of this... Just hang that network behind the mik directly on your opt interface of pfsense.

Use of downstream router is normally not something new user to networking would need or want to do.. If you have graduated to the want/need of a downstream router you should have the understanding of routing to implement it.

kor_sal

johnpoz thank for reply.
Now I can ping from LAN(192) from ping to LAN(172)on Mikrotic.
But when I ping from LAN(172)from Mikrotic to LAN(192) cannot reply (destination host unreachable).
How to resolve that problem? Please help.

Thank for reply.

johnpoz

Well you would have to have routes on your mik, I just assumed its default would be towards pfsense 20.x interface

You have fixed these BAD network IPs, or were they just typos?

kor_sal

Yes, IP on LAN (192,172,20) I just assign it for testing . When I success testing i will change those IP to the right standard private network. But I still have that problem. On my Mik router i have static route to (192.168.1.0/24 gateway 20.0.0.0). If you not sure about my problem i will screenshot my route to you.

kor_sal

johnpoz

Well that looks wrong.. how is 192.168 lan reachable?

chpalmer

Dude.. Fix your LAN addresses first!

https://lmgtfy.com/?q=lan+address+ranges

There are reasons..

seanbull

Can you send us a screenshot?

kor_sal

This post is deleted!

kor_sal

After i try to verify one by one. Now i saw a problem and solve it . I assign a wrong get way on router. Really happy and Thank you for all your help.