To verify that, drop the firewall and then test again. If its firewall related it will start working.
-- Larry Smith lesm...@ecsis.net On Wed May 4 2022 11:18, Christopher Tyler wrote: > Very minimal, really just basic input rules, nothing that would block the > IP addresses from getting through. No NAT or Mangle rules on this router. > > /ip firewall filter > add action=accept chain=input comment="ACCEPT ESTABLISHED/RELATED" \ > connection-state=established,related > add action=accept chain=input comment="ACCEPT OSPF" protocol=ospf > add action=accept chain=input comment="ACCEPT ICMP (ping)" protocol=icmp > add action=accept chain=input comment="ACCEPT SNMP" dst-port=160-161 > protocol=\ udp > add action=accept chain=input comment="ACCEPT DHCP" dst-port=67 > protocol=udp add action=accept chain=input comment="Allow MTIK Bandwidth > Test" dst-port=\ 2000-3000 protocol=tcp > add action=accept chain=input comment="Allow MTIK Bandwidth Test" > dst-port=\ 2000-3000 protocol=udp > add action=accept chain=input dst-port=5678 protocol=tcp > add action=accept chain=input comment="ACCEPT THIS Mgmt" src-address-list=\ > THIS_ADMIN > add action=accept chain=output comment="ACCEPT ALL OUTBOUND" > add action=drop chain=input comment="DROP ALL OTHER INPUT" > > > -- > Christopher Tyler > Senior Network Engineer > MTCRE/MTCNA/MTCTCE/MTCWE > > Total Highspeed Internet Solutions > 1091 W. Kathryn Street > Nixa, MO 65714 > (417) 851-1107 x. 9002 > www.totalhighspeed.com > > This institution is an equal opportunity provider and employer. > Esta instituciĆ³n es un proveedor de servicios con igualdad de > oportunidades. > > ----- Original Message ----- > > > From: "Josh Luthman" <j...@imaginenetworksllc.com> > > To: "AnimalFarm Microwave Users Group" <af@af.afmug.com> > > Sent: Wednesday, May 4, 2022 11:12:55 AM > > Subject: Re: [AFMUG] Weird IP issue > > > > Firewall filter rules? > > > > Double check the gateway and subnet on the server. > > > > On Wed, May 4, 2022 at 11:17 AM Christopher Tyler < [ > > mailto:ch...@totalhighspeed.net | ch...@totalhighspeed.net ] > wrote: > > > > > > We have one of the new Mikrotik CCR2216-1G-12XS-2XQ routers running > > RouterOS 7.2.1 with a Mikrotik switch (running 6.44.3) hanging off of it. > > I have two servers on that switch both in the the same public IP block. I > > can ping both servers from the router, and they can ping each other. One > > server is globally reachable and the other is not reachable other than > > from the router or switch itself. I plugged in my laptop and assigned it > > an IP in that same range and cannot reach it extrenally either. The > > router is using OSPF and I can see the route for that IP block from both > > sides of the router, but traceroutes/pings to anything other than the > > server that is working stop at the router. No vlans or special > > configuration between the router and the switch, just basic IP, all ports > > on the switch are bridged. Forwarded ports (dstnat) don't appear to work > > from the router either. > > > > I'm stumped, so I figured I would ask if anyone else has seen anything > > like this and have a solution, or am I looking at a possible RouterOS 7 > > issue? > > > > -- > > Christopher Tyler > > Senior Network Engineer > > MTCRE/MTCNA/MTCTCE/MTCWE > > > > Total Highspeed Internet Solutions > > 1091 W. Kathryn Street > > Nixa, MO 65714 > > (417) 851-1107 x. 9002 > > [ http://www.totalhighspeed.com/ | www.totalhighspeed.com ] > > > > This institution is an equal opportunity provider and employer. > > Esta instituciĆ³n es un proveedor de servicios con igualdad de > > oportunidades. > > > > -- > > AF mailing list > > [ mailto:AF@af.afmug.com | AF@af.afmug.com ] > > [ http://af.afmug.com/mailman/listinfo/af_af.afmug.com | > > http://af.afmug.com/mailman/listinfo/af_af.afmug.com ] > > > > -- > > AF mailing list > > AF@af.afmug.com > > http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
