Most of our customers do not need real world ip’s so we give all our customers private ip’s. There are a few that need them though. Most work with how we do this but their are a few that have some problems because when they do what is my IP on the internet it is reporting the ip of our main router right before our internet circuit. We are giving these real ip’s out in the NAT Firewall.
chain=dstnat action=dst-nat to-addresses=x.x.x.x (private IP)
Can anybody tell me another way to do this so it will report the Real IP we assign to them or what else I need to do in addition to what I have already done.
Thank you!!!
I would try this:
/ip firewall nat
add chain=srcnat action=src-nat to-addresses=xxx.xxx.xxx.xxx src-address=192.168.0.2/32
add chain=srcnat action=masquerade out-interface=ether1
This presumes the server’s internal ip is 192.168.0.2
I think it’s because you use WebProxy, don’t you?
SurferTim:
I would try this:
/ip firewall nat
add chain=srcnat action=src-nat to-addresses=xxx.xxx.xxx.xxx src-address=192.168.0.2/32
add chain=srcnat action=masquerade out-interface=ether1
This presumes the server’s internal ip is 192.168.0.2
I tried that and it still doesn’t report the ip we set them to. Also we are not running a WebProxy. Any other ideas???
Chupaka
January 26, 2009, 10:32pm
5
do counters on src-nat rules increase?..
please give us full export of NAT rules…
Ok the first part is where I am masquerading all our private ips so they will work on the internet. The bottom part is where I am doing the one to one nats for our customers.
/ip firewall nat
hmmm… didn’t you see that below rules are not working (not counting any packets)? =)
all your users are just masqueraded - move all ‘individual’ rules above masquerade rules
Wow it’s always something simple. Thanks that did the trick it appears!! whatismyip.com is reporting correctly now. I’ll have them try it for what that need it for now. Thanks again!