Guys,
i’m using RB493ah right now using bridge mode. now i want to configure port 3,4 and 5, 6 but Port 5 & 6 will be use later.
I want to configure NAT on port 3,4,5,6 with DHCP
LAN Port 3: 10.10.1.1 / 255.255.255.0
LAN Port 4: 10.10.2.1 / 255.255.255.0
LAN Port 5: 10.10.3.1 / 255.255.255.0
LAN Port 6: 10.10.4.1 / 255.255.255.0
Right now using single (1) ISP but i will add more later.
Guys, please check this config. thanks
/interface enable ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9
ISP 1
/ip dhcp-client add interface=ether1 disabled=no
Lan Port 3:
/ip address add address=10.10.1.1/24 interface=ether3
/ip firewall nat add chain=srcnat src-address=10.10.1.0/24 action=masquerade
Lan Port 4:
/ip address add address=10.10.2.1/24 interface=ether4
/ip firewall nat add chain=srcnat src-address=10.10.2.0/24 action=masquerade
Lan Port 5:
/ip address add address=10.10.3.1/24 interface=ether5
/ip firewall nat add chain=srcnat src-address=10.10.3.0/24 action=masquerade
Lan Port 6:
/ip address add address=10.10.4.1/24 interface=ether6
/ip firewall nat add chain=srcnat src-address=10.10.4.0/24 action=masquerade
Remove all those NAT rules. Replace them with just this:
/ip firewall nat
add chain=srcnat out-interface=ether1 action=masquerade
add chain=srcnat out-interface=ether2 action=masquerade disabled=yes
Once you start using ISP2 on ether2 enable the second rule.
so it would look like this.
/interface enable ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9
ISP 1
/ip dhcp-client add interface=ether1 disabled=no
Lan Port 3:
/ip address add address=10.10.1.1/24 interface=ether3
Lan Port 4:
/ip address add address=10.10.2.1/24 interface=ether4
Lan Port 5:
/ip address add address=10.10.3.1/24 interface=ether5
Lan Port 6:
/ip address add address=10.10.4.1/24 interface=ether6
/ip firewall nat
add chain=srcnat out-interface=ether1 action=masquerade
/ip dns set allow-remote-requests=yes
thanks for your help.
No. You only need that NAT line once. Repeating it four times doesn’t make any sense.
i see.
i have edited my reply above. thank you very much for your help.
I will test this config next week.
guys, i have one more question.
how do i make Lan Port 3,4,5 and 6 be able to ping each other? and how do i enable hotspot on Port 3,4,5,6?
please check this config for hotspot.
Hotspot Config on Lan Port 3
[admin@MikroTik] /ip hotspot> setup
Select interface to run HotSpot onhotspot interface: ether3
Set HotSpot address for interfacelocal address of network: 10.10.1.1/24
masquerade network: yes
Set pool for HotSpot addressesaddress pool of network: 10.10.1.1-10.10.1.254
Select hotspot SSL certificateselect certificate: none
Select SMTP serverip address of smtp server: 0.0.0.0
Setup DNS configurationdns servers: 10.10.1.1
DNS name of local hotspot serverdns name: myhotspot 3
Create local hotspot username of local hotspot user: admin
password for the user:
[admin@MikroTik] /ip hotspot>
Hotspot Config on Lan Port 4
[admin@MikroTik] /ip hotspot> setup
Select interface to run HotSpot onhotspot interface: ether3
Set HotSpot address for interfacelocal address of network: 10.10.2.1/24
masquerade network: yes
Set pool for HotSpot addressesaddress pool of network: 10.10.2.1-10.10.2.254
Select hotspot SSL certificateselect certificate: none
Select SMTP serverip address of smtp server: 0.0.0.0
Setup DNS configurationdns servers: 10.10.2.1
DNS name of local hotspot serverdns name: myhotspot 4
Create local hotspot username of local hotspot user: admin
password for the user:
[admin@MikroTik] /ip hotspot>
Thanks
It’s a router. It will automatically route between all directly connected networks, because that’s what routers do - it’s their purpose. Therefore devices in directly connected networks can ‘ping one another’. Or more accurately: route traffic to one another, unless firewalls block that traffic.
Sure. Run the Hotspot wizard if you’d like.
thanks a lot.