Happy new year!, actually I bought one of the RB from MikroTik which the model is RB3011. I would say, it’s a WOW for this as it provides a lot of functions and flexibility. Anyhow, let me get to the point. I have clients, which is currently using our infrastructure. Let’s say my structures are these.
INTERNET → MikroTik → Client’s Firewall.
So basically, for instance, I’m given an IP-address by the ISP which is 42.61.113.32 ~ 39 (usable 33 ~ 38) subnet mask 255.255.255.248. I would like to give 37 & 38 to client so that can use it directly without going through NAT. What’s going on right now is that, i am using firewall to NAT it for their ip address, while they are using local IP-address.
In this case, can anyone support me, how do I actually route the IP-address directly to the clients port, so that they just set their firewall IP-address as 42.61.113.37 or xx.xx.xx.38
ether1 = WAN (Internet input)
ether2 = LAN (my own LAN)
ether6 = CLIENT
Let me know if possible. Thanks! it would be great if can provide step by step setup.
Thanks for your response on this matter. I will try it out tomorrow and see how it goes.
My current setup is as follows : -
Internet → Router (Firewall dst & src to client’s firewall(192.168.2.254/42.61.113.37/38).
This is what he requested
“There might be a slight issue for us to use a private ip address behind your router, then routed as a public IP address, is it possible to use Public IP at the demarcation, instead of the 192.168.2.x?”
After reading your original post again (first time I somehow missed the info about dedicated port), I think it would be easiest to put ether1 and ether6 together using either sw bridge or hw switching, and let them use 42.61.113.3x in usual way with /29 mask.
But for the record, it’s also possible to route addresses like this: