Hotspot without Masquerade

RouterOS General
1

I have the following network diagram:

Internet <—> (eth0) Linux box (eth1) <—> HUB0 <—> (ether0) MT (ether1) <—> HUB1 <—> Client0,1,2,…,n

On Linux box:
eth0= 1.2.3.4/29
eth1= 192.168.0.1/24
Linux box acts as NAT (Masquerade), Bandwidth monitor, Firewall, Intrusion detection, … etc.

I would like MT to act as a Hotspot gateway for clients, providing them authentication through its HTTP servlet BUT never do Masquerade or Src-nat! That is:
Client0=192.168.0.10
Client1=192.168.0.11
Clientn=192.168.0.n

The GW IP to be set at client’s PC is 192.168.0.1; DNS IPs to set at client’s PC is those provided by my ISP.

Any ideas on How To do that?

With Hotspot disabled, I had merged MT’s ether0 and ether1 in a bridge, gave both of them 192.168.0.250 and .251 respectively. The define default gateway to MT on ether0 to forward all destinations of 0.0.0.0/0 to 192.168.0.1. This was successful way and I was able to see each client on the Linux box identified by his/her IP and to see what this client do on Internet resources.

When I enable Hotspot on Bridge interface or on ether1 interface, Clients won’t reach Linux gateway IP and they can’t access Internet resources.

Thank so much in advance for any anticipation …

2

Hello friend [Moody]
with this QA, i hope you find, what you want....to do

Q: what is service to your clients, dedicated line or hotspot or together with same time...?
A: mikrotik's you will help you to do all

Q: how about your diagram..?
A: my answer is your client will unreacheble to the gateway when hotspot interface=enable

Q: can mikrotik's handling for all as you need...?
A: yes

Q: how is my suggestion for you..?
A: reeffisiency of your system resources

Q: how...?
A: change diagram:
Internet <---> (eth0) Linux box (eth1) <---> HUB0 <---> (ether0) MT (ether1) <---> HUB1 <---> Client0,1,2,...,n to
Internet <---> (ether0) MT (ether1) <---> HUB1 <---> Client0,1,2,...,n

regards
Hasbullah.com

3

Dear Hasbullah.com

Thank you for your reply! But I can’t find answers to my request. You said also to omit my Linux box and set MT as main router. This is easily can be done, but if you know exactly what my Linux box can give services than you will change your mind.

I will wait for other anticipations …