Need a little help for the correct configuration

jansat · February 17, 2014, 1:30pm

I have a unmanaged switch from the provider and must have a L3 router or firewall for the connection I hope the RB1100ahx2 can do the job.
on the wan site I must put ip address 212.x.x.114
with gateway 212.x.x.113
and subnet 255.255.255.252
for the connection with the backbone.

I have 5 public ip’s
public ip 212.x.x.11-16
subnet 255.255.255.248

lan network 10.10.10.1
subnet 255.255.255.0
ip pool 10.10.10.10-10.10.10.200
server1 op 10.10.10.99 DC exchange server
server2 op 10.10.10.87 emailserver and webserver
server3 op 10.10.10.2 no connection required to internet on this moment
port forwarding, harpin nat and firewall rules (from dmitry i use) i think i understand this from my homerouter RB2011UiAS-2HnD. but not the p2p connecting and linking the public ip addresses to it because there are tree diffrent subnets 252, 248 and 0.

/interface ethernet
set [ find default-name=ether2 ] master-port=ether1
set [ find default-name=ether3 ] master-port=ether1
set [ find default-name=ether4 ] master-port=ether1
set [ find default-name=ether5 ] master-port=ether1
/ip pool
add name=dhcp ranges=10.10.10.100-10.10.10.200
/ip dhcp-server
add address-pool=dhcp disabled=no interface=ether1 name=dhcp1
/ip address
add address=212.x.x.114/30 interface=ether13 network=212.x.x.112
add address=10.10.10.1/24 interface=ether1 network=10.10.10.0
/ip dhcp-server network
add address=10.10.10.0/24 gateway=10.x.x.1 netmask=24
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether13
add action=dst-nat chain=dstnat in-interface=ether13 protocol=tcp
src-address=212.x.x.16 to-addresses=10.10.10.99 to-ports=0-65535
add action=dst-nat chain=dstnat in-interface=ether13 protocol=tcp
src-address=212.x.x.13 to-addresses=10.10.10.87 to-ports=0-65535
/ip route
add distance=1 gateway=212.x.x.113
/ip upnp
set allow-disable-external-interface=no
/system identity
set name=Firewall

plisken · February 17, 2014, 7:00pm

What wil you do?
Wat wil je doen?

jansat · February 17, 2014, 7:40pm

De bedoeling is een wan poort voor de P2P verbinding met de provider (212.x.x.114) gateway 212.x.x.113 dan de lan voor het lokaal netwerk netwerk (10.10.10.1) gateway 10.10.10.1 de servers verbinden via het public netwerk heb 5 public ip’s (212.x.x.11-212.x.x16) gateway is 212.x.x.11 en natuurlijk moet het lannetwerk ook verbonden zijn met internet.
poort forwarding via nat dat lukt mij wel en ik denk de andere benodigde instellingen ook wel.
Probleem zit hem in voor mij in de verschillende sub netten en hoe het te configureren zodat het werkt.

The aim is a wan port for P2P connection to the provider (212.xx114) gateway 212.xx113 than the local network lan network (10.10.10.1) 10.10.10.1 gateway to connect the servers via the public network have five public ip’s (212.X.11 - 212.x.x16) gateway 212.x.x.11 and of course, the lannetwerk also be connected to the Internet.
port forwarding through nat to the servers I can do, and I think the other necessary settings too.
Problem is for me in the different sub networks and how to configure it so that it works

jansat · February 18, 2014, 10:30pm

Is there someone who can help me with this configuration I would certainly appreciate.