Multiple Public IP Addresses with Same Gateway on Same Interface

Hello,

I have multiple public IP addresses on the same gateway assigned on the same interface, ether1, for public Internet access. Meanwhile, ether2 is for LAN users to access the Internet via NAT. Now, I would like to have a certain number of LAN users use IP addresses other than the main IP to access the Internet. How could I accomplish that?


This is my configuration:


*** Public IP addresses: 1.1.1.2, 1.1.1.3, 1.1.1.4, 1.1.1.5
*** Public Gateway: 1.1.1.1
*** Public Main IP: 1.1.1.2
*** Private IP addresses: 100.75.175.2 - 100.75.175.254
*** Private Gateway: 100.75.175.1


When the router booted up for the first time, I used the “QuickSet” feature to set up the main IP, DHCP, and NAT for Internet connectivity inside the LAN.

Then, I navigated to IP → Addresses to add other public IP addresses.

  • Note that the IP → Routes then had these rules generated automatically:

#1

Destination Address: 0.0.0.0/0
Gateway: 1.1.1.1 → reachable ether1
No Routing Mark and Preferred Source.

#2

Destination Address: 1.1.1.0/24
Gateway: ether1 → reachable
No Routing Mark
Preferred Source: 1.1.1.2


After that, I created the following rules:

/ip firewall nat
add action=src-nat chain=srcnat comment=LAN1 out-interface=ether1 src-address=100.75.175.50 to-addresses=1.1.1.3

/ip firewall mangle
add chain=prerouting src-address=100.75.175.50 action=mark-routing new-routing-mark=Public_IP_2

/ip route
add dst-address=0.0.0.0/0 gateway=1.1.1.1 routing-mark=Public_IP_2
add dst-address=1.1.1.0/24 gateway=ether1 routing-mark=Public_IP_2 pref-src=1.1.1.3


After finishing the above setup, I tried it, and 100.75.175.50 still accesses the Internet via 1.1.1.2 instead of 1.1.1.3. What have I done wrong? Could anyone please help me with that?


Hope to get replies soon.

Thanks! Much appreciated!

Regards,


Andy

Likely an order of operations problem in your NAT table.

The routing mark rule and the two static routes are unneeded.



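One way to check the order-of-operations diagnosis in the reply above, as an added example that is not part of either post. It assumes QuickSet created a general srcnat rule for out-interface=ether1 (not shown in the thread) that sits above the LAN1 rule, and it reuses the addresses, comment and routing mark from the question.

```routeros
# Added example, RouterOS v6 syntax as used in the question.
# Assumption: QuickSet's general srcnat rule for ether1 is listed above LAN1.

# 1. List the srcnat chain in evaluation order with hit counters.
#    Rules are checked top to bottom and the first match wins, so a broader
#    rule above LAN1 translates 100.75.175.50 to the main IP and the
#    LAN1 counters stay at zero.
/ip firewall nat print stats where chain=srcnat

# 2. Move the host-specific rule to the top so it is matched first.
/ip firewall nat move [find comment="LAN1"] destination=0

# 3. Remove the routing mark rule and the two marked routes, which the
#    reply describes as unneeded (same gateway, same interface).
/ip firewall mangle remove [find new-routing-mark=Public_IP_2]
/ip route remove [find routing-mark=Public_IP_2]

# 4. Tracked connections keep the translation chosen when they were first
#    seen, so clear the host's existing entries before testing again.
/ip firewall connection remove [find src-address~"^100.75.175.50:"]

# 5. Verify: after new traffic from the host, LAN1 counters increase and
#    the host's connections show reply-dst-address on 1.1.1.3.
/ip firewall nat print stats where comment="LAN1"
/ip firewall connection print detail where src-address~"^100.75.175.50:"
```

Keeping each host-specific src-nat rule above the general rule also keeps the mapping between internal hosts and public addresses predictable when outbound traffic later has to be attributed from logs.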