Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsLAN (ethernet/Wifi/routers/Bluetooth)MikroTik RB750 Full bridge to Firewall (UFB)
WickedWings

7 posts

Wannabe Geek


#138514 7-Jan-2014 16:36
Send private message

Hi,

I am trying to configure the MikroTik RB750 to be fully bridge to a firewall, so the firewall will have the public IP at WAN with full control of traffic and port forwarding.

The RB750 is connected with Telecom UFB (fibre).


Connection:

Chrous ONT -----> (eth1) RB750 (eth2) -----> (WAN) firewall (LAN) ----> devices.




I am new to MikroTik product and RouterOS so not 100% sure the correct setup. Anybody who have experience please shed some light.



Thanks

Create new topic
Ragnor
8219 posts

Uber Geek

Trusted

  #962577 7-Jan-2014 16:48
Send private message

You probably want a transparent bridge, there's a thread here about a similar setup
http://www.geekzone.co.nz/forums.asp?forumid=66&topicid=136810






WickedWings

7 posts

Wannabe Geek


  #962606 7-Jan-2014 18:01
Send private message

Thanks for the reply. 

I did comes across that forum but I am not too sure if it will actually pass the Public IP over to the firewall.


So following are the configuration I have copy from the forum mentioned.

interface bridge add name=bridge1 disabled=no arp=enabled - in order to create a bridge
interface bridge port set ether0 bridge=bridge1 priority=128 path-cost=10 - To add the physical eth0(WAN cable from UFB) interface to the bridge.
interface bridge port set ether2 bridge=bridge1 priority=128 path-cost=10 - to add the physical eth1(Cable connecting UTM9s and Mikrotik) to the bridge.

Will these be all the command I need? Or there are more ?

what about the add ip address command mentioned in here: http://ferdi.blog.unas.ac.id/pengenalan-dasar/transparent-bridge-with-mikrotik/. What IP should I enter given the example below.


ONT  ------->     (eth1) RB750 (192.168.88.1)     ----->    (WAN public ip: 111.222.333.444/32) Firewall (Lan 192.168.15.1/24)      ---->          192.168.15.0/24




Thanks.

LennonNZ
2459 posts

Uber Geek

ID Verified
Trusted

  #962612 7-Jan-2014 18:15
Send private message

From factory...
Connect your computer to say port 3 as you will be doing stuff on ports 0/1
Celete DHCP Client from ether0
Create VLAN10 on eth0
Create a new Bridge
Add the VLAN10 and Port 1 to it.

Now that will bridge VLAN10 (UFB) and ether1

then run DHCP or PPPOE (or whatever your provider needs) on the firewall)

The Mikrotik is a pretty good firewall so any reason you don't want to use that to terminate the L3 Side of the UFB Connection? (your'd like RUN DHCP Cleint or PPPoE on the VLAN10 interface)

And if your Firewall cannot do VLANS maybe upgrade firmware/read manual as I presume you are using the Mikrotik as the firewall cannot do VLANS?






Ragnor
8219 posts

Uber Geek

Trusted

  #962621 7-Jan-2014 18:31
Send private message

WickedWings: Thanks for the reply. 

I did comes across that forum but I am not too sure if it will actually pass the Public IP over to the firewall.



1: What make/model/software is your firewall? Can it do VLAN tagging on the WAN?
2: What is your ISP? Does the ISP use PPPoE or DHCP or something else for the connection?

The main reason to use a Mikrotik RB750 in addition to the firewall is if firewall can't do VLAN tagging (quite common on older stuff) on it's WAN interface or can't do PPPoE (which would be weird). Though their are other reasons for using the RB750 like load balancing over multiple connections etc but doesn't sound like the case here.

The Firewall would connect to the ISP and get the public ip address, dns, gateway etc (via PPPoE or DHCP) but it would go via the Mikrotik transparent bridge which adds the required VLAN tag id.

WickedWings

7 posts

Wannabe Geek


  #962634 7-Jan-2014 18:50
Send private message



1. The firewall is a Netgear UTM9s. I have contacted netgear and they are working on a firmware that will support VLAN on WAN for NZ UFB. Should be out next few month. So the RB750 is a temporary solution that I need.

2. ISP is telecom. I am actually not too sure which connection type they are using. Maybe someone can confirm this for me. At the moment I am just playing with free modem from telecom which can't do bridging......



Thanks

Ragnor
8219 posts

Uber Geek

Trusted

  #962638 7-Jan-2014 18:57
Send private message

Yeah you want the same setup as the other thread.

So you would setup PPPoE in the Netgear and transparent bridge in the Mikrotik.

Telecom uses PPPoE but you can put blank in the username and password as Telecom authenticates your account/session by physical line.

http://help.telecom.co.nz/app/answers/detail/a_id/1180

Operating Mode : MDI/MDIX
PPP Protocol : PPPoE
PPP Username: blank
PPP Password: blank
PPP Auth Type : blank
Encapsulation : 802.1Q
PCP Marking : 0
VID (or VLAN) : 10
MTU : 1,500 or AUTO

WickedWings

7 posts

Wannabe Geek


  #963876 9-Jan-2014 13:58
Send private message

It worked!!! Awesome.

Thanks to everyone who helped so promptly......

Cheers.

Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00

eero Pro 7 Review
Posted 23-Jul-2025 12:07

BeeStation Plus Review
Posted 21-Jul-2025 14:21

eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01

WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32

RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26

Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24

Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05

Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01

Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01

Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22

Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46

Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42

D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34

Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







RSS feeds
Main feed
Forums feed
Copyright
©2002-2025 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Affiliate links
Samsung
AliExpress
Wise
Sharesies
GoodSync
Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright