I will have an internal network with roughly 100 private /24 subnets in the 10.0.0.0/8 range.
I have 16 /24 public subnets, not all of which are adjacent subnets.
I have an address list of all the used private IPs: “authclients”
I wish to netmap 1:1 nat IPs contained in authclients to available public IPs.
This is what works:
add action=netmap chain=srcnat comment="Global 1" src-address=10.0.1.0/24 to-addresses=/24
However, I need something like this:
add action=netmap chain=srcnat comment="Global 1" src-address-list=authclients to-address-list=publicips
Obviously the problem is that to-address-list is not a real command, but you can see what I’m going for. On a Cisco, you can define a public pool for NAT. Does Mikrotik have anything similar?
This is the best work-around I could come up with so far:
I have all of my addresses in an address list. There are about 2500 addresses. I’ve created a script that will loop through the main list and break it into new address lists of 254 addresses per list.
This kinda works, but I should probably clear all of the lists and recreate them each time to ensure I can keep exactly 254 addresses in each list, as to not waste IPs.
After this I create NAT rules as follows:
add action=netmap chain=srcnat comment="NAT 1" src-address-list=nat1 to-addresses=<public network 1>/24
add action=netmap chain=srcnat comment="NAT 2" src-address-list=nat2 to-addresses=<public network 2>/24
etc.
This is messy. Using a public address pool would be ideal.
Okay, I guess I’ll move on. Thank you to everyone who helped me figure out that public address pools are not a thing on Mikrotik. You know who you are.
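An added example, not the poster's script: a Python generator for the split-list workaround described above that rebuilds the nat1, nat2, ... lists and their netmap rules from scratch on every run. It assumes netmap onto a /24 keeps the source's last octet (as the Linux NETMAP target does), so it never puts two clients with the same last octet in one list; the public networks are documentation-range placeholders and the sample clients are constructed.

```python
import ipaddress

# Constructed sample input: documentation ranges stand in for the public /24s.
PUBLIC_NETS = ["192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24"]
AUTHCLIENTS = ["10.0.1.5", "10.0.2.5", "10.0.3.5", "10.0.1.6", "10.0.4.5"]

def pack_clients(clients, public_nets):
    """Put each private IP in the first list where its last octet is unused.

    Assumption: netmap onto a /24 keeps the source's last octet, so two
    sources with the same last octet in one list would share a public IP.
    """
    lists = [{} for _ in public_nets]   # one dict per public /24: octet -> private IP
    unplaced = []
    for ip in sorted({ipaddress.ip_address(c) for c in clients}):
        host = int(ip) & 0xFF
        # .0 and .255 would map onto the network/broadcast address of the /24.
        free = None if host in (0, 255) else next(
            (slots for slots in lists if host not in slots), None)
        if free is None:
            unplaced.append(str(ip))
        else:
            free[host] = str(ip)
    return lists, unplaced

def public_ip_for(private_ip, public_net):
    """Public address the assumed netmap behaviour gives this source."""
    base = int(ipaddress.ip_network(public_net).network_address)
    return str(ipaddress.ip_address(base | (int(ipaddress.ip_address(private_ip)) & 0xFF)))

def render(lists, public_nets, prefix="nat"):
    """RouterOS commands that clear and rebuild every list and netmap rule."""
    out = []
    for i, (net, slots) in enumerate(zip(public_nets, lists), start=1):
        name, comment = f"{prefix}{i}", f"NAT {i}"
        out.append(f"/ip firewall address-list remove [find list={name}]")
        out.append(f'/ip firewall nat remove [find comment="{comment}"]')
        if not slots:
            continue
        out += [f"/ip firewall address-list add list={name} address={ip}"
                for _, ip in sorted(slots.items())]
        out.append(f'/ip firewall nat add action=netmap chain=srcnat comment="{comment}" '
                   f"src-address-list={name} to-addresses={net}")
    return out

if __name__ == "__main__":
    lists, unplaced = pack_clients(AUTHCLIENTS, PUBLIC_NETS)
    print("\n".join(render(lists, PUBLIC_NETS)))
    print("# no collision-free slot for:", unplaced)
```

Under that assumption the number of lists needed equals the largest number of clients sharing one last octet, so anything returned in `unplaced` needs another public /24 or a per-host rule.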