I use RouterBOARD 333. One interface is local (192.168.0.0/24) second is Public (1.2.3.16/28). To access Internet I set up chain=srcnat action=masquerade rule. The problem is that I need to assign some public IP to local ones (like 1.2.3.30 to 192.168.0.100, 1.2.3.20 to 192.168.0.50…), to access local PC from external IP. So I did following
You need to src nat in a different way so that instead of masquerading you have action=src-nat and then the “public” IP for each IP you have nattet. Reason why it doesnøt work now is that the reply coming from your inside is the interface NAT address instead of the public IP you called from outside.
