I’m facing an issue with my MikroTik Cloud Router and switch setup. Initially, the problem was that the ISP was not reachable despite being directly connected. I managed to resolve that, and now the MikroTik Cloud Router can ping the ISP, has internet access, and can communicate with the MikroTik switch.
The remaining issue is with two servers connected to the MikroTik switch. Their IP addresses are 10.61.x.28 and 10.61.x.29 (among others). The MikroTik Cloud Router has an IP of 10.61.x.27, with a default gateway of 10.61.x.1. The MikroTik switch, however, has an IP address of 172.16.x.10.
The problem is that I cannot ping the servers, they are unreachable. I have configured the MikroTik switch as a bridge to the Cloud Router, and the router’s SFP1 interface is acting as a DHCP server for the switch.
I think the issue could be related to the IP addressing of the servers, but I’m not entirely sure. Do I need to configure NAT, an access list, or is there something else I’m missing? I have the configurations for both the MikroTik Cloud Router and switch. Any help would be greatly appreciated!
===============================================
Mikrotik Cloud router config:
# 2025-03-01 12:48:34 by RouterOS 7.18
# software id = #
# model = CCR2116-12G-4S+
# serial number =
/interface ethernet
set [ find default-name=ether13 ] name=ISP
/interface vlan
add interface=sfp-sfpplus1 name=vlan10 vlan-id=10
add interface=sfp-sfpplus1 name=vlan20 vlan-id=20
add interface=sfp-sfpplus1 name=vlan30 vlan-id=30
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool0 ranges=172.16.x.2-172.16.x.254
add name=dhcp_pool1 ranges=172.16.x.15-172.16.x.254
/ip dhcp-server
add address-pool=dhcp_pool1 interface=sfp-sfpplus1 lease-time=10h30m name=\
dhcp1
/port
set 0 name=serial0
/interface list member
add interface=ISP list=WAN
add interface=ether1 list=LAN
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=ether5 list=LAN
add interface=ether6 list=LAN
add interface=ether7 list=LAN
add interface=ether8 list=LAN
add interface=ether9 list=LAN
add interface=ether10 list=LAN
add interface=ether11 list=LAN
add interface=ether12 list=LAN
add interface=sfp-sfpplus1 list=LAN
add interface=sfp-sfpplus2 list=LAN
add interface=sfp-sfpplus3 list=LAN
add interface=sfp-sfpplus4 list=LAN
/ip address
add address=10.61.x.27/x interface=ISP network=10.61.x.0
add address=172.16.x.1/24 interface=sfp-sfpplus1 network=172.16.x.0
add address=172.16.x.1/24 interface=vlan10 network=172.16.x.0
add address=172.16.x.1/24 interface=vlan20 network=172.16.x.0
add address=172.16.x.1/24 interface=vlan30 network=172.16.x.0
/ip dhcp-server network
add address=172.16.x.0/24 dns-server=8.8.8.8 gateway=172.16.x.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,4.2.2.2
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
/system clock
set time-zone-name=
/system note
set show-at-login=no
/system routerboard settings
set enter-setup-on=delete-key
==========================================================
Mikrotik Switch config:
# 2025-03-01 12:54:32 by RouterOS 7.18
# software id =
#
# model = CRS354-48G-4S+2Q+
# serial number =
/interface bridge
add name=bridge1 port-cost-mode=short vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] disabled=yes
set [ find default-name=ether38 ] disabled=yes
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip smb users
set [ find default=yes ] disabled=yes
/port
set 0 name=serial0
/interface bridge port
add bridge=bridge1 interface=ether49 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether1 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether6 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether7 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether8 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether9 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether10 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether11 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether12 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether13 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether14 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether15 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether16 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether17 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether18 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether19 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether20 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether21 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether22 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether23 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether24 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether29 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether30 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether31 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether32 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether33 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether34 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether35 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether36 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether37 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether38 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether39 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether40 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether41 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether42 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether43 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether44 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether45 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=qsfpplus1-1 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=qsfpplus1-2 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=qsfpplus1-3 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=qsfpplus1-4 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=qsfpplus2-1 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=qsfpplus2-2 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=qsfpplus2-3 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=qsfpplus2-4 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=sfp-sfpplus2 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=sfp-sfpplus3 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=sfp-sfpplus4 internal-path-cost=10 path-cost=10
/ip firewall connection tracking
set udp-timeout=10s
/interface list member
add interface=ether49 list=WAN
add interface=ether1 list=LAN
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=ether5 list=LAN
add interface=ether6 list=LAN
add interface=ether7 list=LAN
add interface=ether8 list=LAN
add interface=ether9 list=LAN
add interface=ether10 list=LAN
add interface=ether11 list=LAN
add interface=ether12 list=LAN
add interface=ether13 list=LAN
add interface=ether14 list=LAN
add interface=ether15 list=LAN
add interface=ether16 list=LAN
add interface=ether17 list=LAN
add interface=ether18 list=LAN
add interface=ether19 list=LAN
add interface=ether20 list=LAN
add interface=ether21 list=LAN
add interface=ether22 list=LAN
add interface=ether23 list=LAN
add interface=ether24 list=LAN
add interface=ether25 list=LAN
add interface=ether26 list=LAN
add interface=ether27 list=LAN
add interface=ether28 list=LAN
add interface=ether29 list=LAN
add interface=ether30 list=LAN
add interface=ether31 list=LAN
add interface=ether32 list=LAN
add interface=ether33 list=LAN
add interface=ether34 list=LAN
add interface=ether35 list=LAN
add interface=ether36 list=LAN
add interface=ether37 list=LAN
add interface=ether38 list=LAN
add interface=ether39 list=LAN
add interface=ether40 list=LAN
add interface=ether41 list=LAN
add interface=ether42 list=LAN
add interface=ether43 list=LAN
add interface=ether44 list=LAN
add interface=ether45 list=LAN
add interface=ether46 list=LAN
add interface=ether47 list=LAN
add interface=ether48 list=LAN
add interface=qsfpplus1-1 list=LAN
add interface=qsfpplus1-2 list=LAN
add interface=qsfpplus1-3 list=LAN
add interface=qsfpplus1-4 list=LAN
add interface=qsfpplus2-1 list=LAN
add interface=qsfpplus2-2 list=LAN
add interface=qsfpplus2-3 list=LAN
add interface=qsfpplus2-4 list=LAN
add interface=sfp-sfpplus1 list=LAN
add interface=sfp-sfpplus2 list=LAN
add interface=sfp-sfpplus3 list=LAN
add interface=sfp-sfpplus4 list=LAN
/interface ovpn-server server
add mac-address=
/ip address
add address=172.16.x.10/24 interface=sfp-sfpplus1 network=172.16.x.0
/ip cloud
set ddns-enabled=yes
/ip cloud advanced
set use-local-address=yes
/ip dhcp-client
add default-route-tables=main interface=sfp-sfpplus1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,4.2.2.2
/ip firewall service-port
set irc disabled=no
set rtsp disabled=no
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip ipsec profile
set [ find default=yes ] dpd-interval=2m dpd-maximum-failures=5
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=172.16.x.1 pref-src=\
"" routing-table=main scope=30 suppress-hw-offload=no target-scope=10
/ip service
set www-ssl disabled=no
/ip smb shares
set [ find default=yes ] directory=/flash/pub
/system clock
set time-zone-name
/system note
set show-at-login=no
/system routerboard settings
set enter-setup-on=delete-key
The remaining issue is with two servers connected to the MikroTik switch. Their IP addresses are 10.61.x.28 and 10.61.x.29 (among others). The MikroTik Cloud Router has an IP of 10.61.x.27, with a default gateway of 10.61.x.1. The MikroTik switch, however, has an IP address of 172.16.x.10.
The problem is that I cannot ping the servers, they are unreachable. I have configured the MikroTik switch as a bridge to the Cloud Router, and the router’s SFP1 interface is acting as a DHCP server for the switch.
I think the issue could be related to the IP addressing of the servers, but I’m not entirely sure. Do I need to configure NAT, an access list, or is there something else I’m missing? I have the configurations for both the MikroTik Cloud Router and switch. Any help would be greatly appreciated!
===============================================
Mikrotik Cloud router config:
# 2025-03-01 12:48:34 by RouterOS 7.18
# software id = #
# model = CCR2116-12G-4S+
# serial number =
/interface ethernet
set [ find default-name=ether13 ] name=ISP
/interface vlan
add interface=sfp-sfpplus1 name=vlan10 vlan-id=10
add interface=sfp-sfpplus1 name=vlan20 vlan-id=20
add interface=sfp-sfpplus1 name=vlan30 vlan-id=30
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool0 ranges=172.16.x.2-172.16.x.254
add name=dhcp_pool1 ranges=172.16.x.15-172.16.x.254
/ip dhcp-server
add address-pool=dhcp_pool1 interface=sfp-sfpplus1 lease-time=10h30m name=\
dhcp1
/port
set 0 name=serial0
/interface list member
add interface=ISP list=WAN
add interface=ether1 list=LAN
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=ether5 list=LAN
add interface=ether6 list=LAN
add interface=ether7 list=LAN
add interface=ether8 list=LAN
add interface=ether9 list=LAN
add interface=ether10 list=LAN
add interface=ether11 list=LAN
add interface=ether12 list=LAN
add interface=sfp-sfpplus1 list=LAN
add interface=sfp-sfpplus2 list=LAN
add interface=sfp-sfpplus3 list=LAN
add interface=sfp-sfpplus4 list=LAN
/ip address
add address=10.61.x.27/x interface=ISP network=10.61.x.0
add address=172.16.x.1/24 interface=sfp-sfpplus1 network=172.16.x.0
add address=172.16.x.1/24 interface=vlan10 network=172.16.x.0
add address=172.16.x.1/24 interface=vlan20 network=172.16.x.0
add address=172.16.x.1/24 interface=vlan30 network=172.16.x.0
/ip dhcp-server network
add address=172.16.x.0/24 dns-server=8.8.8.8 gateway=172.16.x.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,4.2.2.2
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
/system clock
set time-zone-name=
/system note
set show-at-login=no
/system routerboard settings
set enter-setup-on=delete-key
==========================================================
Mikrotik Switch config:
# 2025-03-01 12:54:32 by RouterOS 7.18
# software id =
#
# model = CRS354-48G-4S+2Q+
# serial number =
/interface bridge
add name=bridge1 port-cost-mode=short vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] disabled=yes
set [ find default-name=ether38 ] disabled=yes
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip smb users
set [ find default=yes ] disabled=yes
/port
set 0 name=serial0
/interface bridge port
add bridge=bridge1 interface=ether49 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether1 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether6 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether7 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether8 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether9 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether10 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether11 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether12 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether13 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether14 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether15 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether16 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether17 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether18 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether19 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether20 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether21 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether22 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether23 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether24 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether29 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether30 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether31 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether32 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether33 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether34 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether35 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether36 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether37 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether38 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether39 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether40 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether41 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether42 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether43 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether44 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether45 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=qsfpplus1-1 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=qsfpplus1-2 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=qsfpplus1-3 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=qsfpplus1-4 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=qsfpplus2-1 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=qsfpplus2-2 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=qsfpplus2-3 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=qsfpplus2-4 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=sfp-sfpplus2 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=sfp-sfpplus3 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=sfp-sfpplus4 internal-path-cost=10 path-cost=10
/ip firewall connection tracking
set udp-timeout=10s
/interface list member
add interface=ether49 list=WAN
add interface=ether1 list=LAN
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=ether5 list=LAN
add interface=ether6 list=LAN
add interface=ether7 list=LAN
add interface=ether8 list=LAN
add interface=ether9 list=LAN
add interface=ether10 list=LAN
add interface=ether11 list=LAN
add interface=ether12 list=LAN
add interface=ether13 list=LAN
add interface=ether14 list=LAN
add interface=ether15 list=LAN
add interface=ether16 list=LAN
add interface=ether17 list=LAN
add interface=ether18 list=LAN
add interface=ether19 list=LAN
add interface=ether20 list=LAN
add interface=ether21 list=LAN
add interface=ether22 list=LAN
add interface=ether23 list=LAN
add interface=ether24 list=LAN
add interface=ether25 list=LAN
add interface=ether26 list=LAN
add interface=ether27 list=LAN
add interface=ether28 list=LAN
add interface=ether29 list=LAN
add interface=ether30 list=LAN
add interface=ether31 list=LAN
add interface=ether32 list=LAN
add interface=ether33 list=LAN
add interface=ether34 list=LAN
add interface=ether35 list=LAN
add interface=ether36 list=LAN
add interface=ether37 list=LAN
add interface=ether38 list=LAN
add interface=ether39 list=LAN
add interface=ether40 list=LAN
add interface=ether41 list=LAN
add interface=ether42 list=LAN
add interface=ether43 list=LAN
add interface=ether44 list=LAN
add interface=ether45 list=LAN
add interface=ether46 list=LAN
add interface=ether47 list=LAN
add interface=ether48 list=LAN
add interface=qsfpplus1-1 list=LAN
add interface=qsfpplus1-2 list=LAN
add interface=qsfpplus1-3 list=LAN
add interface=qsfpplus1-4 list=LAN
add interface=qsfpplus2-1 list=LAN
add interface=qsfpplus2-2 list=LAN
add interface=qsfpplus2-3 list=LAN
add interface=qsfpplus2-4 list=LAN
add interface=sfp-sfpplus1 list=LAN
add interface=sfp-sfpplus2 list=LAN
add interface=sfp-sfpplus3 list=LAN
add interface=sfp-sfpplus4 list=LAN
/interface ovpn-server server
add mac-address=
/ip address
add address=172.16.x.10/24 interface=sfp-sfpplus1 network=172.16.x.0
/ip cloud
set ddns-enabled=yes
/ip cloud advanced
set use-local-address=yes
/ip dhcp-client
add default-route-tables=main interface=sfp-sfpplus1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,4.2.2.2
/ip firewall service-port
set irc disabled=no
set rtsp disabled=no
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip ipsec profile
set [ find default=yes ] dpd-interval=2m dpd-maximum-failures=5
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=172.16.x.1 pref-src=\
"" routing-table=main scope=30 suppress-hw-offload=no target-scope=10
/ip service
set www-ssl disabled=no
/ip smb shares
set [ find default=yes ] directory=/flash/pub
/system clock
set time-zone-name
/system note
set show-at-login=no
/system routerboard settings
set enter-setup-on=delete-key
Statistics: Posted by UltraIsp4883 — Sat Mar 01, 2025 1:57 pm