my local network 192.168.2.0/24 is masquerading behind IP 10.0.10.74/24 on my public interface. Internet working fine but I can't access to ISP local services 10.0.12.52 (team speak and dc++ hub). What I must do to solve this problem.
please help !
Are you using to ethernet cards? If so you might try masquerading both networks. I'm not an expert!!!! I'm doing something like that. My ISP comes in on ether 1 and my local net is on ether 2. I masqueraded both and it worked. Try it and if it doesn't work you can undo it. Perhaps someone with more experience will help.
Re: re:
---------yes, I'm using two NIC. I tried masquerading on public, but not working. I think I must set dst NAT properly, but HOW TO
Hai,...tila
I hope with this four steps, you are able to make connect to the 'Internet' over local network.
'/ip address' submenu
add public ip to first interface
add local ip to second interface e.g: 444.333.222.1/24
'/ip route' submenu
add ip gateway from your ISP
'/ip dns'
set primary-dns from your isp
set seconadry-dns from your isp
'/ip firewall nat'
add chain=srcnat src-address=444.333.222.0/24 action=masquerade
I think, that basic config should be okay....and later you can think about 'complete security' for your network. and add other 'Mikrotik Features'.
regards
Balimore.com
--------------
Re: re:
-----------I have already do that, my internet working fine but ISP have services(DC++ hub, team speak...) on thear local network (NOT public IP) and I can not use them. only game server working (counter strike ).
Ooooo...., i am so sorry, i have one point good interesting about that, maybe can you try with 'mapping' methode [dstnat and srcnat] that address or make forward all traffic from ethernet one to other with 'Brigde'.
I think better with 'mapping' you can connect difference subnet with correct nat translation talk to local router, Mikrotik has manual when you do 'mapping'.
Good luck...!
peace all
regards,
Balimore.com
------------
re:
can you help me with src/dst NAT. I'm already masquerading local network behind public, is that mean that I only have to set dst NAT or I must put something else in src NAT ?
Can you give me console commands to put that in src/dst chains. my local network is 192.168.2.0/24, IP on public 10.0.10.74/24, services are on 10.0.12.52
Can you give me console commands to put that in src/dst chains. my local network is 192.168.2.0/24, IP on public 10.0.10.74/24, services are on 10.0.12.52
Re: re:
-----------can you help me with src/dst NAT. I'm already masquerading local network behind public, is that mean that I only have to set dst NAT or I must put something else in src NAT ?
Can you give me console commands to put that in src/dst chains. my local network is 192.168.2.0/24, IP on public 10.0.10.74/24, services are on 10.0.12.52
Hello, ..tila
I hope you are able to make access with DC++ hub network, maybe by 'mapping' you will have point, all procedure mapping and other nat at manual mikrotik with this link: http://www.mikrotik.com/docs/ros/2.9/ip/nat
you can see samples at bottom that site. cause I has succes with that 'mapping' methode from that sample site too. that's option just logica but i never try with DC++ hub, so..sorry and i think with Mikrotik you will have friendly....to make config.
good luck...!
regards
Hasbullah.com
-------------
@atila
Is that dc++ hub and team speak just like bittorrent?
what is dc++ and team speak?
I guess your setup works fine
If you need sampe for dst-nat :
/ip firewall nat add chain=dstnat dst-address=10.0.10.74/32 to-addresses=192.168.2.200 to-ports=0-65535 action=dst-nat
do you get /24 of public ip?
If you do, go with netmap action :D
Is that dc++ hub and team speak just like bittorrent?
what is dc++ and team speak?
I guess your setup works fine
If you need sampe for dst-nat :
/ip firewall nat add chain=dstnat dst-address=10.0.10.74/32 to-addresses=192.168.2.200 to-ports=0-65535 action=dst-nat
do you get /24 of public ip?
If you do, go with netmap action :D