I have 4 nics in a server,
1: WAN ( has my public ip )
2: network1
3: network2
4: network3 and network 4
I need to masqurade all 4 networks to my WAN address / s
I can masqurade them all, but since I have one public address, will this work out?
Can I have multiple public addresses on the same interface, and point each masqurade at a diffent address?
What is the best way to do this?
Thanks,
-dan
yes, you can masquerade 4 networks to one WAN address,
‘ip firewall nat add action=masquerade out-interface=public_iface chain=srcnat’.
It is possible to masquerade (SRC-NAT) specific user/network under certain public address,
‘ip firewall nat add action=src-nat chain=srcnat src-address=local_client_network/address to-addresses=router’s_public_address’.
Is there any downsides to using only one public address?
also is there a limit as to how many networks can be maquraded to one address?
Thanks
There are not any limits to networks in the RouterOS, it should work fine.
ok, thanks,
another question along the same lines,
If I set up something like hotspot and eoip on different interfaces, is there a way I can tell them what interface to use for outgoing?
or what IP address to use on a an interface?
Thanks,
Hai friend
Nices to hear about it....!, i think with Mikrotik's you can make config more friendly.
just tell to you, here i used 2 phisical nics one for public and other one for local network, and on local interface we are running for: DHCP[Hotspot], Dynamic IP, Public IP, PPPoE, Mapping public to local network, webserver, and Userman as Radius-Server for manage as centralized 'AAA'[hotspot and PPPoE], bandwith control management. and supply to clients with different system over wire and unwire.
‘ip firewall nat add action=src-nat chain=srcnat src-address=local_client_network/address to-addresses=router’s_public_address’.
Does this work the same as masqurade?
What I want to do:
4 nics
wan1
wan2
lan1
lan2
lan1 addresses are nat’ed goes out wan1
lan2 addresses are nat’ed goes out wan2
Will the above work, is there any other ways of doing this?
Thanks.
you have to add 'chain=dstnat' for talk to your router from outsite, by dst-nat to local addresses.
Let me re-phrase 
4 interfaces
wan1 10.10.10.1
wan2 20.20.20.1
lan1 1.1.1.0/24
lan2 2.2.2.0/24
I want lan1 ( 1.1.1.0/24 ) to masqurade to interface wan1 ( 10.10.10.1 )
and lan2 ( 2.2.2.0/24 ) to masqurade to interface wan2 ( 20.20.20.1 )
What do I need to do to make this work?
Thanks! ,
-dan
one of sample at this link:
please, focus in 'red block color' list of /ip firewall nat on that screen
http://www.hasbullah.com/cgi-bin/r/db?product=publictolocal#cat
or you can 'search' in this forum with 'hotspot and public ip' word in the case
Thanks for the sample, I want to do a normal maqurade, rather then a one-to-one nat though.
ip firewall nat>
chain=srcnat dst-address=1.1.1.0/24 action=masquerade
If I have multiple wans, how can I tell this stement which one to use for the masqurade?
Thanks for all help,
-dan
Yes, ... that's nat for screen addresses [subnet: 1.1.1.0/24] on the net by masquerade...
for multiple, i think with my last post is possible
Does not work,
chain=srcnat src-address=1.1.1.0/24 action=src-nat
to-addresses=10.10.10.1 to-ports=0-65535
never uses the 10.10.10.1 address, what do I need to change?
is there a way to tell it what “WAN nterface” to use?
thanks
is there a way to tell it what “WAN nterface” to use?
specify ‘out-interface=WAN_interface_name’.
Tried that also, doesnt work.
a.a.a.2/24 eth0
a.a.a.3/24 eth1
a.a.a.4/24 eth2
a.a.a.5/24 eth3
b.b.b.1/24 eth4
c.c.c.1/24 eth5
I want network “b” ( b.b.b.0/24 ) to masqurade to the IP on int “eth0”
I want network “c” ( c.c.c.0/24 ) to masqurade to the IP on int “eth1”
***typical nat statement for masqurade with a LAN and WAN
chain=srcnat dst-address=b.b.b.0/24 action=masquerade
my senario:
example ( network “b” )
I have tried combinations of the following:
change action to src-nat
added to-addresses=a.a.a.2
added out-interface=eth0
None of these combinations work,
I just want to tell the nat statement to use a particular interface or particular address, which ever one works,
Just wanted to explain thoughly-
Thank,
-dan
please, post your list of interfaces name by command console '/interface print'
cause i am not sure your interfaces name is eth0, eth1....et5..etc
I renamed my interfaces, the privious post is correct.
i think, you can't put same subnet on two or many interfaces in the RouterOS, please see from winbox in 'ip route submenu', when you see blue color it's mean route will be not valid.
try structure like this,
a.a.a.2/24 eth0
a.b.a.3/24 eth1
a.c.a.4/24 eth2
a.d.a.5/24 eth3
b.b.b.1/24 eth4
c.c.c.1/24 eth5
and put regular nat masquerade, i think should be ok...!!! or
if you want put same subnet for two or many interfaces better with 'bridge-interface'