Payment reminder with https payment system

ViREnG · April 3, 2013, 1:41pm

Hello friends.
I’m use this wiki " http://wiki.mikrotik.com/wiki/Payment_Reminders " for payment reminder and work so good without problem (if client finished , he’s ip pool change to private and redirect with mikrotik proxy to suspended page) .
My clients on regular connections give an public IP pool and when credits finished , ip pool change to private to see suspended page.

PROBLEM : I have two problem , my accounting server running on https (443 port) and our bank webservice gateway too .
My Accounting Page : https://users.mywebsite.com
Our Bank Payment Gateway : https://gateway.bank.com

HOW : how can I allow access to bank payment gateway and our accounting page on https ?

Thanks

ViREnG · April 3, 2013, 8:07pm

no anyone know ?
I must use srcnat for this problem ?

tomaskir · April 3, 2013, 8:15pm

If they are in the private range and you are not allowing them to access the internet by not doing NAT for those private IPs, then you need to set up a masquerade rule in NAT to those 2 destinations. Be carefull to not masquerade all of the traffic tho, because that would still give them internet access if you have no other blocks in place.

ViREnG · April 4, 2013, 5:56am

can give a example ?

– EDIT –
MY Mikrotik IP : 200.20.20.1
if my accounting server ip address is : 200.20.20.30 then below srcnat for suspended clients is good ?

/ip firewall nat
add action=redirect chain=dstnat comment="Suspended Users - Payment reminder proxy" disabled=no dst-port=80 protocol=tcp src-address-list=suspended_users to-ports=8080
add action=src-nat chain=srcnat comment="Suspended Users - Payment reminder proxy" disabled=no dst-address=200.20.20.30 dst-port=443,80 protocol=tcp src-address-list=suspended_users to-addresses=200.20.20.1

tomaskir · April 4, 2013, 9:00pm

That seems fine, but preferably replace the “action=src-nat” to “action=masquerade”.