Greetings,
Let me start by saying I have probably read every post concerning RouterOS NATTing and for some reason I cannot get it to work. I have been at this for like 4 days now and finally decided to post a request for some help.
I am a process control guy, I love route-able IP ranges, so much easier for me. Unfortunately I need to make "172.16.4.52" look like "10.20.8.9". so in my head I say ok no sweat google will get me through... lol so wrong..
Here is what I am trying to accomplish I have a Modbus Gateway-"172.16.4.52" I want to be able to poll "10.20.8.9", and act the same as if I was polling 172.16.4.52 directly. I am thinking I need to NAT the two IP addresses together. Well i have tried multiple config's and here is my latest ones- any thoughts, criticisms, or anything is more than welcome.
I just exported everything but I am not even going to use the wireless right now. I just had this hardware idle and wanted to utilize its routing ability.
I ran into some problems too. However, mine I got to work out after and responses/suggestion from the forum.
I did however, followed quite few YouTube videos to make sure my settings were correct. This is because I am very new to Mikrotik.
These are the links of videos I followed.
It isn’t clear what the source of the polling is. A device with address 10.2.8.X? The IP address currently applied to ether1 is a /32 - i.e. a single IP number. Which IP range is this interface expected to talk to?
hopefully I am answering this properly, a PC with an address of 10.20.8.71 should poll -10.20.8.9- and expect the same results as if i was polling 172.16.4.52 directly on the same subnet.
The /32 setting means that this interface has no idea that there are other 10.20.8.x addresses available via this interface. Perhaps you meant to use 10.20.8.9/24 ?
so I made that change and I can now successfully ping 10.20.8.9 but the NAT rules still are not working.? and if I try 10.20.8.9 on port 80 it just brings me to the routers webGUI. Not to the 172.16.4.52 WebGUI.
So is the 172.16.4.52 the ISP IP? If it is, once you get into your system, in your broswer bar, enter the IP (192.168.0.1) of the DHCP from that modem.
It should bring up the device login screen.
IE>your ISP has assigned the 172 to your modem, your modem is assigning a 192.168.0.4 to your router, so there for you need to go to 192.168.0.1.
no there is no ISP..(all private network) 172.16.4.52 is the current ip of the “Modbus gateway” device. No DHCP as all ip defined are static. I just need to be able to type 10.20.8.9. in my browser and hopefully it should act as if i was on the 172.16.4.xx subnet. so..
"MY PC (10.20.8.71) —>(Router 10.20.8.9) ---->“Modbus Gateway”(172.16.4.52)..
On this one perhaps you want the device at 172.16.4.52 to see the requests coming from the router’s IP address on 172.16.4.0/24? If so you need to have a SRC NAT rule with out-interface = ether2 and dst-address=172.16.4.52.
Still not working completely, but have to be making progress. I made the changes you suggested and now I can see packets hit both of the firewall rules. But when I look at the connections tab a tcp connection will never establish, it just says sync…
I guess it just seems confusing “out-interface” and “to-address” of the src-NAT. does not seem like a logical solution… but then again I am very new to the Microtik world.
Finally!, that worked. I definitely have some reading to do, I still do not quite understand why that worked. But thank you very much for the help!