SRC rules problem

Kaktus · January 22, 2013, 6:28pm

Hi…
I have routerboard RB/2011L .
I need rules, that permit connection from a “src list” of ip to another “dst list” of ip only on RDP protocol.

Exemple> sources ip List1(192.168.0.2,192.168.0.3,192.168.0.10) have only acces via rdp connection to destination internet ip List2(178.168.12.45, 93.23.56.54, 87.12.45.87 ).

I have done:
I create List1 and List2.
1 Create nat rule: chain=srcnat outinterface=eth1 src_address_list=List1 dst_adressList=List2 action=src-nat to adresses 122.122.122.122 (ip given from ISP) - work

but
2 Create nat rule: chain=srcnat protocol=tcp srcport=3389 src_address_list=List1 dst_adressList=List2 action=src-nat to adresses 122.122.122.122 (ip given from ISP)
are not working???
Why???

I configure routeboard with winbox.

Thanks for any suggestions.

plisken · January 23, 2013, 1:33pm

After 1 hour searching i found the richt thing, but is not completely perfect
The list you’ll have to customize do not use _ character
Customize your ip addresses to
add chain=scrnat address-list=list1 protocol=tcp port=3389 dst-address=list2 action=src-nat to-addresses 122.122.122.122

If i help you give me karma pleace