We have an ISP internet connection with five static IP Addresses. For some reason, one of our firewalls does not work well with our PBX and SIP traffic (we have even tried their support, but they were no help), so we have our SIP traffic going through an edge router. We are switching to a new ISP, and the new ISP does not allow us to pass through IPs to different devices; they must all go to one device. So I am hoping to use a Mikrotik to split IP addresses 1.1.1.1,2,3,5 to the main firewall. and 1.1.1.4 to the edge router. Is it possible to do this? I personally own a Mikrotik that I can use for testing, but I don’t know where to start. I have never touched Mikrotik before.
It’s totally possible. You route the traffic in the appropriate way, exactly how it’s done depends on what sort of hand-off you receive, want to provide and the other two devices are willing to accept.
Though your reasons are a bit special, transiting different IPs to different downstreams is perfectly common. Mikrotiks (and your Edgerouter) handle all common hand-offs fine.
You could perhaps use something like.
/ip firewall nat
add action=dst-nat chain=dstnat dst-address=1.1.1.4 in-interface=ether1 to-addresses={IP OF EdgeRouter}
add action=src-nat chain=srcnat out-interface=ether1 src-address={IP of EdgeRouter} to-addresses=1.1.1.4
In winbox (or webfig), you would have to drag these rules to near the top of their respective NAT sections.
You would add all the ISP provided IP addresses to ether1 (this all assumes ether1 is your WAN port)