Hi, here is my scenario.
Private subnets
10.10.1.0/24 - home users
10.10.2.0/24 - business users
10.10.3.0/24 - management
Public Subnet
2.2.2.0/29
I am trying to assign each subnet its own public IP to access the internet as below
10.10.1.0/24 - > 2.2.2.1
10.10.2.0/24 - > 2.2.2.2
10.10.3.0/24 - > 2.2.2.3
You access the internet via the (or the world sees your public IP) as the one assigned to your private subnet.
How can I achieve this??
/ip firewall nat
add action=src-nat chain=srcnat out-interface=<PUT WAN INTERFCE HERE> src-address-list=10.10.1.0/24 to-addresses=2.2.2.1
add action=src-nat chain=srcnat out-interface=<PUT WAN INTERFCE HERE> src-address-list=10.10.2.0/24 to-addresses=2.2.2.2
add action=src-nat chain=srcnat out-interface=<PUT WAN INTERFCE HERE> src-address-list=10.10.3.0/24 to-addresses=2.2.2.3
What is this???
You access the internet via the (or the world sees your public IP) as the one assigned to your private subnet.
Explain better, is like nonsense.
If you mean: have Internet access using, for example, 2.2.2.1 but appear to a remote site, for example ebay, as coming from 10.10.1.x,
you have to be arrested, taken to jail and they have to throw away the key.
Sorry for the bad explanation. I meant depending on which subnet you’re in, you use a different Public IP to access the internet. So if for example, if a home user does something malicious on the internet, and that public IP is blacklisted, users in the home subnet are affected alone. The users in the other two subnets are not.
Ah, ok, perfectly understanded now.
On example, if Home user go on blacklist the another two NOT, remain free, as you ask.
You can use 3 IP like this, and leave the other 3 as reserve on the time you ask the blacklist owner to remove the IP from his database…