NAT bypass

RouterOS Beginner Basics
1

Hi,

i have MKT with multiple public IPs. One of them is on my server. I need to bypass nat in both direction, from server to internet and vice versa. On the server under the network setup i have address 89.x.x.150/28 and def. gateway is 89.x.x.146 (that ip is on mkt). As I mentioned I need bypass that server from NATing.

I put at the top of NAT tab this two rules:

add action=accept chain=srcnat disabled=no src-address=89.x.x.150
add action=accept chain=dstnat disabled=no dst-address=89.x.x.150

is this config ok?

Thanks

2

Anybody?

Thanks

3

There’s several ways to do this . Easiest would most likely be to create a RETURN rule before your srcnat/masq in the postrouting via nat table , though this can get messy if you have tons of ip’s and subs to exclude . ACCEPT should work ok but it gets mega confusing after a while when you are debugging or revisiting that config in 6 months time heh.