* Host is 10.1.1.2.
** The VMs are assigned IPs 192.168.1.10x on the host's NAT
** It has ports 10081, 10082, and 10083 forwarded to port 80 on VMs 1, 2, and 3, and is masquerading outgoing traffic.
* I can properly connect to 10.1.1.2:1008x and access the services
* The reserved IPs are 10.1.1.101, 10.1.1.102, and 10.1.1.103.
* I want to forward 10.1.1.10x:80 to 10.1.1.2:1008x respectively.
What I tried to do was set up a dstnat
Code: Select all
/ip firewall nat add chain=dstnat action=dst-nat to-addresses=10.1.1.2 to-ports=10081 protocol=tcp dst-address=10.1.1.101 dst-port=80
Code: Select all
iptables -tnat -A POSTROUTING -s 192.168.1.1.0/24 -o vmbr0 -j MASQUERADE
iptables -tnat -A PREROUTING -s ! 192.168.1.0/24 -p tcp -m tcp --dport 10081 -j DNAT --to-destination 192.168.1.101:80
Is there anything at a glance which would prevent this setup from working as intended? I'm even open to alternate configurations to achieve the same goal - The only thing I do not want to do is bridge the VMs.