Community discussions

MikroTik App
 
w4rh0und
Member Candidate
Member Candidate
Topic Author
Posts: 107
Joined: Fri Oct 16, 2009 10:58 pm

PPC With 1 on 1 Nat

Sat Apr 02, 2011 1:41 am

Hi

I have followed this guide:

http://wiki.mikrotik.com/wiki/PCC

My problem is:

I have multiple local subnets so i don't know how to add them to these rules for every subnet/interface that i have
My subnets/interfaces are: 192.168.1.0/24 subnet_1 interface and 192.168.99.0/24 subnet_99 interface 2

If i add the 2 lines bellow for both local interfaces i cannot nat out anymore
/ ip firewall mangle
add chain=prerouting dst-address=10.111.0.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=10.112.0.0/24 action=accept in-interface=LAN

If i add the lines bellow i cannot dnat to some internal ip's like 192.168.99.12 via rdp and i really need access to that ip from the outside. Is there a way to make a 1 to 1 nat with this ppc load balance? Maybe even be accessible over both public ip's?

add chain=prerouting in-interface=LAN connection-mark=no-mark dst-address-type=!local \
per-connection-classifier=both-addresses:2/0 action=mark-connection new-connection-mark=ISP1_conn
add chain=prerouting in-interface=LAN connection-mark=no-mark dst-address-type=!local \
per-connection-classifier=both-addresses:2/1 action=mark-connection new-connection-mark=ISP2_conn

add chain=prerouting connection-mark=ISP1_conn in-interface=LAN action=mark-routing \
new-routing-mark=to_ISP1
add chain=prerouting connection-mark=ISP2_conn in-interface=LAN action=mark-routing \
new-routing-mark=to_ISP2
add chain=output connection-mark=ISP1_conn action=mark-routing new-routing-mark=to_ISP1
add chain=output connection-mark=ISP2_conn action=mark-routing new-routing-mark=to_ISP2



Thank you
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: PPC With 1 on 1 Nat

Sat Apr 02, 2011 2:01 am

 
w4rh0und
Member Candidate
Member Candidate
Topic Author
Posts: 107
Joined: Fri Oct 16, 2009 10:58 pm

Re: PPC With 1 on 1 Nat

Mon Apr 04, 2011 12:22 pm

Thank you for the reply.

I will try the config and let you know how it works. For some reason i haven't found that post on my own :(

Who is online

Users browsing this forum: loloski and 12 guests