Nat / in-interface / ethernet or vlan interface ?

Florian · March 20, 2016, 10:00am

Hello there.

Sorry for the subject title, it’s not very clear.

I’ve a question about the “logic” of vlan interface and nat rules.

I explain, I added a vlan interface on a “physical” interface (let say I added a vlan832 on the ehter 8 interface :

/interface vlan
add interface=ether8 name=vlan832-orange vlan-id=832 mtu=1500 arp=enabled use-service-tag=no )

Now, in my nat rules, do i write in-interface = ether8 , or in-interface=vlan832-orange (I have only this vlan on this interface) ?

Same question with any “rules” in fact…

Thx !

pukkita · March 20, 2016, 10:09am

You should use vlan832-orange interface for any src-nat or dst-nat operations, firewall rules, etc.

Florian · March 20, 2016, 10:12am

Ah ok, thx a lot

pukkita · March 20, 2016, 10:22am

Glad it helped

It’s easy to feel “lost” with WinBox/ROS at first, but once you get the hang of it, everything follows its logic.

Florian · March 20, 2016, 10:27am

Well, in my mind, I thought the both would work, since physically it still come in by “ether8”. I guess I was wrong