I have RB750 , and have a /29 public ip pool. I have configured all 5 useable ips on ether1-wan
now on lan side i have few servers and i want to do port forwarding for various services.
For example.
I have created a dst-nat rule that do port forward for
1.2.3.4:25 to local 192.168.1.1:25
1.2.3.5:444 to local 192.168.1.2:4444
1.2.3.6:80 to local 192.168.1.3:80
traffic from outside to IN is ok, but I have one general nat rule for masquerading. How can I tell that which server traffic should go from which public ip?
like 192.168.1.1:25 should go out from 1.2.3.4:25 and
192.168.1.2:4444 traffic should go out from 1.2.3.5:4444
Create dedicated srcnat rules as you require. Place them before the generic masquerading rule
/ip firewall nat
add chain=srcnat action=src-nat src-address=192.168.1.2 to-addresses=1.2.3.xIf you like you can add port numbers, but I do not think they are required as I assume you want to connect to the outside world, and most of the times not knowing what port is in use.