Clients can access the internet, but the router can't.

Welcome,

I have a problem with access to the internet from my router. When I try to ping e.g. http://www.google.com or 173.194.66.106, in traceroute I get:

 #   ADDRESS            NETWORK         INTERFACE
 0   ;;; hotspot network
     192.168.100.1/23   192.168.100.0   ether2
 1   172.16.1.2/30      172.16.1.0      ether1



Route
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  0.0.0.0/0                          172.16.1.1                1
 1 ADC  172.16.1.0/30      172.16.1.2      ether1                    0
 2 ADC  192.168.100.0/23   192.168.100.1   ether2                    0

If you need more information, please post.
P.S. I have searched for a solution earlier :)
P.S.2. Sorry for my English :slight_smile:

Please send your trace photo.
Your info isn’t complete.

Thank you for your interest in this subject

I hope you mean this:

Trace from router
[admin@MikroTik] > tool traceroute 173.194.66.106
 # ADDRESS                                 RT1   RT2   RT3   STATUS            
 1 172.16.1.1                              1ms   1ms   1ms                     
 2 0.0.0.0                                 0ms   0ms   0ms                     
 3 0.0.0.0                                 0ms   0ms   0ms                     
 4 0.0.0.0                                 0ms   0ms   0ms



Trace from client goes like this
->192.168.100.1
->172.16.1.1
->google.com

Can you post the info from “/ip firewall nat”?

Thank you a lot for the help. I just solved the problem by adding 192.168.100.1 as pref.src in the route rule.

 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  0.0.0.0/0          192.168.100.1   172.16.1.1                1

Once again Thanks :slight_smile:

That solution would indicate your masquerade or srcnat is incorrect.

You probably have this

/ip firewall nat
chain=srcnat action=masquerade src-address=192.168.100.0/24

That is the nat rule added by the hotspot.

You need something like this:

/ip firewall nat
add chain=srcnat action=masquerade out-interface=ether1

I don’t use masquerade.

I want to export my firewall NAT rules, but it returns only 2 of 9 rules.

Then I presume you have the 192.168.100.0/23 net routed back to the router from the proxy server. That would make sense.

:slight_smile: Once again Thank You a lot :slight_smile:

Yeah, and that the router with proxy server (172.16.1.1) does also masquerading for 192.168.. addresses only :slight_smile: - that was probably the problem, why the RB couldn’t connect, as it was not NATted outside.
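
A simplified model of the diagnosis reached in this thread, as an added example that is not part of any post: it picks the source address the router uses for its own traffic with and without pref-src, then checks it against the upstream masquerade rule. The upstream prefix 192.168.0.0/16 and the client address 192.168.100.50 are assumptions, since the thread only says "192.168.. addresses".

```python
import ipaddress as ip

# Router state taken from the thread: interface addresses and the default route.
ADDRESSES = {"ether1": ip.ip_interface("172.16.1.2/30"),
             "ether2": ip.ip_interface("192.168.100.1/23")}
GATEWAY = ip.ip_address("172.16.1.1")

# ASSUMPTION: the upstream router (172.16.1.1) masquerades only this source range.
# The thread gives "192.168.. addresses only"; the exact prefix is not stated.
UPSTREAM_SRCNAT = ip.ip_network("192.168.0.0/16")


def out_interface(gateway):
    """Interface whose connected network contains the gateway."""
    for name, iface in ADDRESSES.items():
        if gateway in iface.network:
            return name
    raise ValueError(f"gateway {gateway} is not directly reachable")


def router_source(pref_src=None):
    """Source address of a packet the router itself sends via the default route.

    Without pref-src the address of the outgoing interface is used; with
    pref-src that address is used instead (it must exist on the router).
    """
    if pref_src is None:
        return ADDRESSES[out_interface(GATEWAY)].ip
    pref = ip.ip_address(pref_src)
    if pref not in {i.ip for i in ADDRESSES.values()}:
        raise ValueError(f"{pref} is not an address of this router")
    return pref


def upstream_translates(src):
    """True if the upstream masquerade rule matches this source address."""
    return ip.ip_address(src) in UPSTREAM_SRCNAT


def report():
    cases = {"hotspot client (forwarded)": ip.ip_address("192.168.100.50"),  # constructed
             "router, no pref-src": router_source(),
             "router, pref-src=192.168.100.1": router_source("192.168.100.1")}
    return {label: (str(src), upstream_translates(src)) for label, src in cases.items()}


if __name__ == "__main__":
    for label, (src, ok) in report().items():
        print(f"{label:32} src={src:15} {'NATted upstream' if ok else 'not NATted upstream'}")
```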

Iceog - thanks for the “readiness to help” :slight_smile: But let’s not overdo it with racking up free points :slight_smile:.