All I need my script to do is the following:
/ip firewall nat 3 set dst-address x.x.x.x
The 3 is the nat rule I need to change.
I’ve tried everything I can think of. Have looked in the scripting forum, have read and reread the manual. And cannot get it to work.
The above command works fine from the command line, but I can’t seem to incorporate it into a script.
Any suggestions.
3 is used after print command, you can accomplish print and store to buffer information about number.
Add ‘comment’ field to NAT rule, then use ‘find’ option to change dst-address for this rule.
I do have a comment set to “RDP”. I’ve also tried to ‘find’ the comment, then update the dst-address, but haven’t been able to get that to work.
I’ve spent the last couple of weeks trying to get this to work. It seems so simple, yet not.
If anyone can pass along a code snippet, that would be very helpful.
Try this
/ip firewall nat set [find
comment=“RDP”] dst-address x.x.x.x
I owe you one big ass beer. Of all the things I tried…that wasn’t one of them.
Works perfect. Here is the completed very basic script. But will allow me to update the nat IP when the pppoe ip changes. then all I have to do is check the address from no-ip.com and can rdp into the system.
:global pppoe-ip Verizon-pppoe-out
:local pppoe-ip [/ip route get [/ip route find interface=$pppoe-ip] pref-src]
/ip firewall nat set [find
comment=“RDP1”] dst-address $pppoe-ip
:log info $pppoe-ip
Thanks for the help
You can remove the dst-address from the nat rule and just specify incoming interface. This removes the need to hardcode your IP in the rule. Perfect for cable modem / dsl addresses.
Sam
very easy
use HTTP interface and on Firewall select interface and click NAT