Link Public addresses to local ones! (how to)

Hi,

I had a working hotspot system, and now I have troubles.
My clients go to the Internet using a single public IP address (with action=masquerade on hotspot clients' addresses).
My ISP gives me a subnet of 32 public IPs and I don’t know how to link them to local (hotspot clients) addresses.
I have no more than 30 active users at once, which means this will do a big job for me.

This is the Hotspot Gateway configuration
192.168.0.2/27 interface=to_main_router
10.10.10.1/24 interface=Local

My Main router configuration is:
192.168.15.1/24 interface=public
192.168.16.1/27 interface=to_hotspot_gateway
On the Main router, on interface=to_hotspot_gateway, I have set up a dhcp_server.

My question and my main idea is:
When a user tries to go on the Internet, can his local address (10.10.10.x/32) be translated and assigned by DHCP to one of the 192.168.16.0/27 addresses?

Sorry for my bad English,
Thanks a lot!!!

In
/ ip address
set all the addresses given by your ISP on your WAN interface.
Next you must redirect:
291.xx.xx.xx is real IP
172.16.xx.xx is local ip
/ ip firewall nat
add chain=dstnat dst-address=291.xx.xx.xx action=dst-nat to-addresses=172.16.xx.xx to-ports=0-65535 comment="" disabled=no
add chain=srcnat src-address=172.16.xx.xx action=src-nat to-addresses=291.xx.xx.xx to-ports=0-65535 comment="" disabled=no
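
Added example, not part of the original post or of RouterOS itself: a small Python generator that emits the dstnat/srcnat rule pair above for every client and checks whether the public block has enough assignable addresses. The function name `one_to_one_nat`, the `reserved` parameter, and the 203.0.113.0/27 documentation range standing in for the ISP block are assumptions; it also assumes the block is an on-link subnet, so its network and broadcast addresses cannot be assigned.

```python
import ipaddress

def one_to_one_nat(public_block, local_hosts, reserved=()):
    """Return (pairs, RouterOS lines) for 1:1 NAT, one public address per client.

    reserved: public addresses the router keeps for itself (assumption: at
    least the one still used for masquerade and management).
    """
    net = ipaddress.ip_network(public_block)
    keep = {ipaddress.ip_address(a) for a in reserved}
    # hosts() drops the network and broadcast addresses: a /27 holds 32
    # addresses but only 30 can be assigned when the block is an on-link subnet.
    usable = [a for a in net.hosts() if a not in keep]
    clients = [ipaddress.ip_address(h) for h in local_hosts]
    if len(set(clients)) != len(clients):
        raise ValueError("duplicate local address in client list")
    if len(clients) > len(usable):
        raise ValueError(
            f"{len(clients)} clients but only {len(usable)} free addresses in {net}")
    pairs = [(str(c), str(p)) for c, p in zip(clients, usable)]
    lines = ["/ip firewall nat"]
    for local, public in pairs:
        # Same rule pair as in the reply above, one pair per client.
        lines.append(f"add chain=dstnat dst-address={public} "
                     f"action=dst-nat to-addresses={local}")
        lines.append(f"add chain=srcnat src-address={local} "
                     f"action=src-nat to-addresses={public}")
    return pairs, lines

if __name__ == "__main__":
    # Constructed sample: 203.0.113.0/27 is a documentation range standing in
    # for the ISP block; clients come from the 10.10.10.0/24 hotspot network.
    clients = [f"10.10.10.{i}" for i in range(2, 32)]      # 30 clients
    pairs, lines = one_to_one_nat("203.0.113.0/27", clients)
    print("\n".join(lines[:5]))
    try:
        one_to_one_nat("203.0.113.0/27", clients, reserved=["203.0.113.1"])
    except ValueError as err:
        print("capacity check:", err)
```

Each dstnat line sends all traffic for that public address to the client, so the firewall filter rules in the forward chain decide what actually reaches it.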

Do you really need to map these public addresses to users? Just because your ISP gives them to you isn’t a reason to map public addresses. The only reason to need more than one public IP address is if some users need to host incoming services, e.g. VPN, HTTP. If your Internet link is slow or ADSL, you should think carefully before allowing users to host services on their systems. The upload speed of most ADSL connections is only enough to serve the ACK packets for the downstream direction. Allowing users to run services on their systems will potentially flood the upstream direction and hence also limit downstream bandwidth.


Regards

Chris Macneill

cmacneill
In the firewall you have Filter rules; you can use them :wink: