jlxl
July 10, 2007, 3:50am
1
Our current setup has an ap directly connected to fiber on Ether1. We are also using broadband-over-powerline devices as customer devices, and a bridged wireless setup currently while we are still deploying fiber throughout out network.
Ether1 has a Public IP: XX.XXX.XX.XXX
What I would like to do and have not has much succes with, is providing a customer with a public ip. I have tried the netmap, and toyed with dst-address, but my lack of networking knowledge is keeping me from getting it to work.
If anyone could assist with mapping a public ip to a private one, 1address:1address, I would appreciate it. I can’t seem to get this to work after trying some different combination of what I listed above.
Thanks for any help you could provide…
yes,
jlxl:
Our current setup has an ap directly connected to fiber on Ether1. We are also using broadband-over-powerline devices as customer devices, and a bridged wireless setup currently while we are still deploying fiber throughout out network.
Ether1 has a Public IP: XX.XXX.XX.XXX
What I would like to do and have not has much succes with, is providing a customer with a public ip. I have tried the netmap, and toyed with dst-address, but my lack of networking knowledge is keeping me from getting it to work.
If anyone could assist with mapping a public ip to a private one, 1address:1address, I would appreciate it. I can't seem to get this to work after trying some different combination of what I listed above.
Thanks for any help you could provide.....
Hi,
Do you want to assign on client a public IP or all? For one client the best way to do it is via one to one nat. I am using this and it work perfectly.
YOu can find how to do it in this forum or manual.
Let me know if you need I can get the config.
Regards,
can we put the real IP on client side directly without NAT ? let’s say that client is connected alone to an interface ..
samsoft08,
at last a reply !!! thanx alot ..
you said another public ip to the local interface !! i cant get it ..
1- a public IP’s of /28 subnet
i did this config , its working but with INCREDIBLE connect-disconnect of MSN & yahoo messengers !!!
[admin@MikroTik] ip address> pr
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 192.168.1.250/24 192.168.1.0 192.168.1.255 bridge1
1 a.b.c.21/28 a.b.c.16 a.b.c.31 internet
2 192.168.2.250/24 192.168.2.0 192.168.2.255 R-MT
3 a.b.c.23/28 a.b.c.16 a.b.c.31 internet
[admin@MikroTik] ip route> pr
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf
# DST-ADDRESS PREF-SRC G GATEWAY DISTANCE INTERFACE
0 ADC a.b.c.16/28 a.b.c.21 internet
1 ADC 192.168.1.0/24 192.168.1.250 bridge1
2 ADC 192.168.2.0/24 192.168.2.250 R-MT
3 A S 0.0.0.0/0 r a.b.c.17 internet
[admin@MikroTik] ip firewall nat> pr
Flags: X - disabled, I - invalid, D - dynamic
0 chain=dstnat action=dst-nat to-addresses=192.168.2.251 to-ports=0-65535 dst-address=a.b.c.22
1 chain=srcnat action=src-nat to-addresses=a.b.c.22 to-ports=0-65535 out-interface=internet
src-address=192.168.2.251
2 chain=srcnat action=src-nat to-addresses=a.b.c.21 to-ports=0-65535 out-interface=internet
3 ;;; Proxy Redirecting
chain=dstnat action=redirect to-ports=3128 in-interface=bridge1 dst-port=80 protocol=tcp
R-MT is the interface which is connected to the remote MT..
Hello samso....one local address as public one , at my first post should be work.
/ip add add address=a.b.c.22/32 interface=internet
and create any rules Network Address Translation :
/ip fi nat add chain=dstnat action=dst-nat to-addresses=192.168.2.251/32 to-ports=0-65535 dst-address=a.b.c.22/32
/ip fi nat add chain=srcnat action=src-nat scr-address=192.168.2.251/32 to-ports=0-65535 to-address=a.b.c.22/32
i think with this rules should be ok...
thats fine just one thing , i put public IP /28 on the internet interface not /32 is this will cause a problem , its working fine as i think !!!
/ip add add address=a.b.c.22/28 interface=internet
and i hope will closed your problem