A tricky configuration, at least that’s how it looks for me
On a RB450 I am trying to make it act as a normale router
on ether1 I have put the WAN IP and on ether3 I have put
the LAN IP:
/ip address:
address=90.90.90.90/30 interface=ether1
address=192.168.2.1/24 interface=ether3
Now, I want also to netmap a whole subnet on interface ether5
the subnet is 90.90.91.32/27
Is there any way how I can do this?
Thank you
what you want to netmap?..
Hello Chupaka
I want the whole range of IP-s in the subnet 90.90.91.32/27 to be
accessed on the ether5 interface while the ISP link can be accessed
only on the ether1 interface.
You see, the ISP is providing a public IP 90.90.90.90/30 and this will
be used for normal routing on the LAN, while the other range
90.90.91.32/27 will be used for some servers which require direct access
on the internet (don’t ask me why 
)
/ip firewall nat
add action=netmap chain=srcnat disabled=no out-interface=ether1 src-address=<ether5-subnet> \
to-addresses=90.90.91.32/27
add action=netmap chain=dstnat disabled=no dst-address=90.90.91.32/27 in-interface=ether1 \
to-addresses=<ether5-subnet>
something like this…
I tried this before, but it will accept only the dstnat chain:
/ip firewall nat
add action=netmap chain=dstnat disabled=no dst-address=90.90.91.32/27 in-interface=ether1
to-addresses=
while in the srcnat chain it wan’t accept the parameter to-address=90.90.91.32/27 returning
an error that IP address is expected
at least in WinBox all is working fine =)
for CLI, use
to-addresses=90.90.91.32-90.90.91.63
hmm, sometimes it takes a while to try the simple input like yours.
Silly me, I will try that and I will let you know if that works