I have two RouterOS devices, #1 is gateway router with firewall and NAT, #2 is performing as a SSTP VPN server (among other things). On router #1 there is a dst-nat rule pointing any traffic from the internet on TCP port 443 to router #2, which works just fine.
Now, I’d like to have additional services (like https web server) on port 443 accessible to the outside world. I only have one public IP address available. What would be the best approach?
Since I have IIS10, how can its URL Rewrite module be set up to redirect SSTP traffic to router #2 for incoming traffic to vpn.example.net?
Thinking a bit outside the square - will your ISP offer you a public subnet? There is usually an extra charge for this. $2 per IPV4 address per month is the going rate. So a /29 (8 IP’s of which 5 are usable for hosts) would be $16 per month.
Otherwise, if you can get IPV6 space and can do end-to-end V6, this will also solve your problem. If you use IPV6, be aware you will need a minimum of /64 for any subnetted block and a /64 per router to router connection. But if your ISP can give you a /56, which they should be able to with no hassles, you have plenty to work with.