How to NAT on RB2011 Net1 to Net2?

RouterOS Beginner Basics
1

Hello, here are the settings

Network1: 111.222.114.24/30 (Point to Point IP)
ISP interface: 111.222.114.25 (Your Gateway)
Customer interface: 111.222.114.26
Netmask: 255.255.255.252

Network2: 111.222.115.104/29 (This range is Routed to Customer interface: 111.222.114.26)
Customer Useable: 111.222.115.105 – 111.222.115.110
Netmask: 255.255.255.248

Internet works fine connecting computer directly to Net1 with 111.222.114.26/30 ip, but I can’t figure out how I can use 111.222.115.105-110 ips?

Thank you,

2

i hope i got i right!

add main interface of router:
e.g.: eth0 111.222.114.26/30

add a address on another ethernet interface:
e.g.: eth2 111.222.115.105 /29

add a default route
Dest: 0.0.0.0/0
gateway: 111.222.114.25

connect your pcs on eth2, give them ips from 106-110 and as gatway 111.222.115.105

your normally not NEED NAT in this configuration…

edit: well u can also use NAT ive you want! so the pcs have as outgoning ip, the routers ip… my config is like every computer has his own public ip :slight_smile:

/ip address add interface=eth0 address=111.222.114.26 netmask=255.255.255.252 network=111.222.114.24 disabled=no

/ip address add interface=eth2 address=111.222.115.105 netmask=255.255.255.248 network=111.222.115.104 disabled=no

/ip route add dst-address=0.0.0.0/0 gateway=111.222.114.25 disabled=no
3

Tried, didn’t work. In the route list shows:
DA - 111.222.115.104/29 - eth2 unreachable
:frowning:

Instead of computers its going to be 4-5 routers connected through fiber, buildings are about 50 to 150 meters apart

4

Please post “/ip address”, “/ip route”, and “/ip firewall nat”.

5

Ethernet ports are not slaved. I’m trying to route to eth3 (previous posts shows eth2)

/interface ethernet
set 0 name=Eth1-gateway
set 1 name=Eth2
set 2 name=eth3
set 3 name=eth4
set 4 name=eth5

/ip address
add address=192.168.88.1/24 interface=Bridge-eth2-wlan1
add address=111.222.114.26/30 interface=Eth1-gateway
add address=111.222.115.105/29 interface=eth3

/ip firewall filter
add chain=input comment=“default configuration” protocol=icmp
add chain=input comment=“default configuration” connection-state=established
add chain=input comment=“default configuration” connection-state=related
add action=drop chain=input comment=“TEMPORARY DISABLED” disabled=yes
in-interface=Eth1-gateway

/ip firewall nat
add action=masquerade chain=srcnat src-address=192.168.88.0/24 to-addresses=
0.0.0.0

/ip dns
set allow-remote-requests=yes max-udp-packet-size=512 servers=
8.8.8.8,4.4.4.4

/ip route
add distance=1 gateway=111.222.114.25

6

Is Eth1-gateway the only WAN connection?
Is eth3 connected to the internet?

If Eth1-gateway is the only connection, and those are public ips on eth3 with no internet connection, then you will need to get the ISP to route those public ips (111.222.115.105/29) to 111.222.114.26 for you.

If that isn’t it, explain how you are connected to the internet.

7

On my first post I put what I’ve got from ISP. And according to ISP they did route on their end and now I have to do it on mine.

eth1 is plugged in to their media converter (internet through fibre)
eth2 i’m using for now to have internet in the office
eth3 should be my 111.222.115.104/29 network

8

If the ISP routed that network to that ip, it should route now. ??

9

did u bride eth1 and eth2?

do u have internet access on eth1?

10

eth1 - public ip, has internet 111.222.114.26/30

eth2 - private, internet using 192.168.88.1/24 (nat masquerade)

eth3 - public ips 111.222.115.105/29 (unreachable)

Only on monday I can talk to ISP’s network designer to make sure that 111.222.115.105/29 is routed to 111.222.114.26 on their end.

For now I will have to sit and wait :confused:

11

I would check with your ISP to see what they have done. There is a difference between putting that subnet on your WAN interface, and routing the subnet to the ip assigned to your WAN interface.

12

Now ISP is telling me that they did P2P IP forwarding of /29 through /30. In worst case scenario I will have to ask them to remove /30 and use one of the IP from /29 as a gateway. This way I’m going to be down to only 4 public IPs unless I can do something else with RB configuration :frowning:
Best,