/ip dhcp-server add address-pool=static-only <other parameters>
Right. I still didn't get used to in-interface-list, as it's relatively new and I've been using in-interface for too long. Just to make it clear.Or, to stick with concept used in default firewall setup by MT: use "in-interface-list=LAN"
/ip firewall nat add chain=dstnat dst-address=192.168.0.9 protocol=tcp dst-port=8999 action=dst-nat to-addresses=10.0.0.220
Convince us.I know how to do port forwarding on a MikroTik, ...
For the record, there's something for Linux & friends (e.g. https://github.com/Nat-Lab/eoip), but I didn't test it.Thats because EoIP is proprietary extension of GRE and as far as I know, nobody else supports it except Mikrotik.
/ip firewall nat add chain=srcnat src-address=192.168.255.0/24 action=src-nat to-addresses=192.168.0.123
This is easily fixed by enabling proxy ARP on WAN.However this will only work if ISP blindly routes whole /24 subnet through single interface and doesn't rely on ARP to resolve target device for individual addresses.
So far only MikroTik's "lightweight" implementation of OpenVPN (no udp, compression, pushed routes, ...).- Inbound VPN with OpenVPN