I am trying to configure a Mikrotik RB2011UiAS-RM to work behind a Virgin Media SuperHub with a static IP. Virgin does not allow the static IP to be used on another device, but I believe there are ways around this. I believe I have 2 options.
- Put the RB2011 in the Superhubs DMZ and assign it an IP address within the Superhubs LAN range.
- Try to spoof the MAC address of the Superhub to pick up the static IP which is attached to the Superhub.
Currently the RB2011 is setup with option 1, but I can’t seem to connect properly to the internet. Ping and DNS are working but I am trying to send an audio mp3 stream to an Icecast server, and that doesn’t seem to connect. I think it’s something to do with double natting, but I don’t know how to resolve this.
So is it possible to spoof the MAC address with Virgin connections? I think I tried this before but couldn’t get it working. Or is better to use the DMZ option? If so, what do I need to do to fix the current config?
/interface bridge
add name=bridge
/interface ethernet
set [ find default-name=ether1 ] name=WAN1
/interface list
add exclude=dynamic name=discover
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool0 ranges=10.0.2.220-10.0.2.230
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=bridge lease-time=1w name=dhcp1
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0
/interface bridge port
add bridge=bridge disabled=yes interface=ether3
add bridge=bridge hw=no interface=ether6
add bridge=bridge hw=no interface=ether7
add bridge=bridge hw=no interface=ether8
add bridge=bridge hw=no interface=ether9
add bridge=bridge hw=no interface=ether10
add bridge=bridge hw=no interface=sfp1
add interface=ether5
add interface=ether4
/ip neighbor discovery-settings
set discover-interface-list=discover
/interface list member
add interface=sfp1 list=discover
add interface=ether2 list=discover
add interface=ether3 list=discover
add interface=ether4 list=discover
add interface=ether5 list=discover
add interface=ether6 list=discover
add interface=ether7 list=discover
add interface=ether8 list=discover
add interface=ether9 list=discover
add interface=ether10 list=discover
add interface=bridge list=discover
add interface=WAN1 list=WAN
add list=LAN
/ip address
add address=192.168.0.2/24 interface=WAN1 network=192.168.0.0
add address=10.0.2.200/24 interface=bridge network=10.0.2.0
/ip dhcp-client
add dhcp-options=hostname,clientid interface=WAN1
/ip dhcp-server network
add address=10.0.2.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=10.0.2.200 netmask=24
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip firewall filter
add action=accept chain=input dst-port=80 in-interface=WAN1 protocol=tcp
add action=accept chain=input dst-port=22 in-interface=WAN1 protocol=tcp
add action=accept chain=input dst-port=22 in-interface=WAN1 protocol=udp
add action=accept chain=input dst-port=80 in-interface=WAN1 protocol=udp
add action=drop chain=input dst-port=53 in-interface=WAN1 protocol=tcp
add action=drop chain=input dst-port=53 in-interface=WAN1 protocol=udp
add action=drop chain=forward dst-port=53 in-interface=WAN1 protocol=tcp
add action=drop chain=forward dst-port=53 in-interface=WAN1 protocol=udp
/ip firewall nat
add action=masquerade chain=srcnat out-interface=WAN1
/ip route
add distance=1 gateway=192.168.0.1 pref-src=192.168.0.2
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set winbox address=10.0.2.0/24
/lcd
set time-interval=hour
/system clock
set time-zone-name=Europe/London
/system routerboard settings
set silent-boot=no
/tool graphing interface
add interface=WAN1
/tool traffic-monitor
add interface=WAN1 name=tmon1 threshold=0