Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
I
I
Igor Leshchenko2020-09-10 23:48:24
Computer networks
Igor Leshchenko, 2020-09-10 23:48:24

How to translate a network into subnets using VLSM on Mikrotik?

Hello! There is an enterprise network on a Mikrotik router! The entire network "weighs" on one port, and throughout the building there are a lot of unmanaged switches (delinks, tplips), on another port there is an access point CAP ac. The network and Wi-Fi are combined into a bridge, there is no guest Wi-Fi, because. there hasn't been a need yet. The enterprise network has 7 network printers, 8 Windows machines, 4 MacBooks and a Linux server with 1C. All Macbooks and smartphones of employees sit on Wi-Fi.
There was a need to set up remote work. On Mikrotik, I raised VPN l2tp / Ipsec, because. both Windows and MacOS support it, but now it's a matter of passing routes ... and all traffic goes through the tunnel and printers from remote workstations do not print ... Now the enterprise network is 192.168.1.0/24, IP is static.
I found two solutions on the Internet: 1. Transfer the network to 172.16.0.0/16; 2. Divide the network into subnets using VLSM.
I caught the point, but I can’t find on the Internet how to do it directly on mikrotike. Due to the lack of specialized education and meager knowledge (I work as a lawyer), my independent manipulations with these decisions did not lead to success. At the enterprise that provides us with support for 1C and various kinds of services in the field of computer technology, they didn’t help me, they said they don’t have such specialists ...
Please help with advice on how to do this, and the first and second options ...

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

7 answer(s)
Report
B
brar, 2020-09-11
@brar

Either I did not quite understand the question, or you found the wrong direction of the solution on the net.
The /24 subnet gives you 254 hosts, which covers your needs (7+8+4+1C) a little more than full. That is, there is no point in taking /16.
For vpn, create a pool from a different subnet. In principle, there are a lot of manuals of the same type on the network, here is one of them for example.
https://wiki.mikrotik.com/wiki/Manual:Interface/L2...
Also, I would recommend using ipsec/IKE2 instead of l2tp
https://wiki.mikrotik.com/wiki/Manual:IP/IPsec# Roa...
but this is the taste and color by and large, especially if you have already configured l2tp.

Report
D
d-stream, 2020-09-11
@d-stream

The network 192.168.1.0/24 at the enterprise is a filthy ambush due to the fact that approximately 80% of home "soap dishes" use it. As a result, there will be trouble with routes to the enterprise ...
For your task, the minimum is enough - to change the network to a different one. For example 192.168.199.0/24
And that's it. When raising the tunnel, an arbitrary user will get that for the network 192.168.199.0/24 the vpn adapter will be the gateway, and for the rest - the native soap (probably 192.168.1.1).
Of course, it is possible that there is a brilliant user who has configured his home network to 192.168.199.0/24 - he will have to be recommended to choose something else from the ranges of private networks such as 10.0.0.0/8, 172.16.0.0/12, 92.168.0.0/16, 100.64.0.0/10 etc. Or change jobs...

Report
A
Andrey Barbolin, 2020-09-11
@dronmaxman

> Now the enterprise network is 192.168.1.0/24,
resulting in a conflict with SOHO (home) routers. You think correctly, you need to transfer everything to another network, it's better to take 10.0.0.0/8.
> IP - static.
Evil as it is, the larger the network, the greater the evil. Why they don't like DHCP)
> VLSM
All your switches are stupid, this scheme is not for you.
> VPN l2tp/Ipsec
You can configure this VPN as the most versatile. In order not to drive all traffic through the office, on the client side, you need to uncheck the VPN connection settings. The trick of routing is that when raising the VPN
the client has a route to the network from the enterprise with a mask /8. Therefore, I recommend using addresses from the 10.0.0.0/8 subnet in the local network, then the client will have a route to this network.

Report
M
Max, 2015-09-16
@MaxDukov

where are you trying to output?

Report
A
aol-nnov, 2015-09-16
@aol-nnov

correctly configure the encoding and on the page?
there are meta tags for that.

Report
O
Optimus, 2015-09-16
Pyan @marrk2

And what is the encoding of the php file itself (in the editor in the lower right or left corner) and also set the domain encoding for everyone in htaccess

Similar questions
S
Stanislav Grigoriev2018-12-28 19:11:04
How to set several different buttons to open one tab? 3Reply
J
jelezo2016-04-25 22:23:03
Where do you get the weather for sites using the API? 2Reply
M
Markuzzz2014-02-21 07:54:48
Linux: how to implement routing between networks on the same interface? 1Reply
R
ruslan25702018-09-24 22:27:07
How to install ftp on linux for worpress? 6Reply
C
chudakov2016-04-27 10:17:10
In what direction should a future network engineer develop with the advent of SDN\OpenFlow? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question