Hi,
I’ve just taken over looking after a domain and have never done anything with MikroTik firewalls before. Basically, we have a fibre connection with 5 public IP addresses, and our internal LAN uses the first IP address from that range when it connects out to the internet.
I’ve been asked to look at implementing ADFS (easy enough), so what I want to work out is how to do the following:
Leave the existing provision in place as is, then take the last of the 5 public IP addresses in the range and NAT this to a specific internal IP address for TCP 443.
Looking at the current NAT rules, there are 2 in the srcnat chain, both are set to masquerade and the 2nd rule has the entire internal network range added as a subnet.
I’m guessing that I need to add a DstNat rule for the public IP address and pipe that through to the internal address (and vice-versa), but haven’t found any good examples of how to do this yet whilst leaving the other rules untouched.
Sorry if this is a little long-winded, like I said, I’m new to this and would really appreciate it if someone could tell me how best to do it. I’m sure it’s not too complicated, just will take me a lot longer to find it out without someone out there taking pity on me
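
The setup described above, sketched as RouterOS commands. This is an added example, not part of the original post. The addresses (203.0.113.6/29 as the fifth public IP, 192.168.88.10 as the ADFS host) and the WAN interface name `ether1` are placeholders, so substitute the real values.

```routeros
# Added example. All addresses and the interface name are placeholders.

# 1. Make the router answer for the extra public IP on the WAN interface.
#    Skip this if the address is already listed under /ip address.
/ip address add address=203.0.113.6/29 interface=ether1 \
    comment="ADFS public IP (placeholder)"

# 2. Forward only TCP 443 arriving on that public IP to the internal host.
#    Matching on dst-address keeps the other four public IPs untouched.
/ip firewall nat add chain=dstnat dst-address=203.0.113.6 \
    protocol=tcp dst-port=443 action=dst-nat \
    to-addresses=192.168.88.10 to-ports=443 \
    comment="ADFS HTTPS in"

# 3. Permit the forwarded traffic through the filter, and nothing else
#    to that host from outside. connection-nat-state=dstnat matches only
#    connections that went through the rule in step 2. This rule must sit
#    above any drop rule in the forward chain.
/ip firewall filter add chain=forward connection-nat-state=dstnat \
    dst-address=192.168.88.10 protocol=tcp dst-port=443 action=accept \
    comment="Allow dst-natted ADFS HTTPS"

# 4. Optional: make connections that the ADFS host itself opens to the
#    internet leave from the same public IP. Replies to inbound 443
#    connections are already translated back by connection tracking, so
#    this is not required for step 2 to work. The rule must be moved above
#    the two existing masquerade rules, otherwise they match first.
/ip firewall nat add chain=srcnat src-address=192.168.88.10 \
    out-interface=ether1 action=src-nat to-addresses=203.0.113.6 \
    comment="ADFS outbound via its own public IP"

# Review the rule order and hit counters afterwards.
/ip firewall nat print stats
/ip firewall filter print stats
```

The existing masquerade rules stay as they are; only the position of the new srcnat rule relative to them matters. Clients on the internal LAN that reach the service through its public name need either split DNS or a separate hairpin NAT rule, which this example does not cover.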