good afternoon, I’m new to mikrotik and I need help with this topic, I would like to know how I can do this I have a cisco router on a mikrotik.
this is the configuration of cisco
interface Ethernet0
description CONEXION DATOS
ip address 30.30.30.1 255.255.255.248
ip nat inside
full-duplex
no cdp enable
!
interface Ethernet1
description CONEXION INTERNET
ip address 190.90.44.41 255.255.255.0
ip nat outside
full-duplex
no cdp enable
!
interface FastEthernet0
description CONEXION RIOHACHA
ip address 10.10.10.1 255.255.255.240
ip nat inside
speed auto
full-duplex
no cdp enable
!
ip nat translation timeout 60
ip nat pool rango2 190.90.44.56 190.90.44.60 netmask 255.255.255.0
ip nat inside source list 1 pool rango2 overload
ip nat inside source static 190.90.44.242 190.90.44.242
ip nat inside source static 190.90.44.243 190.90.44.243
ip nat inside source static 190.90.44.244 190.90.44.244
ip classless
ip route 0.0.0.0 0.0.0.0 190.90.44.1
ip route 20.20.20.0 255.255.255.0 30.30.30.2
ip route 70.41.23.0 255.255.255.0 30.30.30.2
ip route 190.90.44.240 255.255.255.248 10.10.10.9
ip route 192.168.10.0 255.255.255.0 30.30.30.2
ip route 192.168.80.0 255.255.255.0 30.30.30.2
ip route 192.168.90.0 255.255.255.0 10.10.10.9
ip route 192.168.144.0 255.255.252.0 30.30.30.2
ip http server
!
access-list 1 permit any
no cdp run
snmp-server community RO
snmp-server enable traps tty
I would like to deploy this configuration on a mikrotik router, someone can help me to do this configuration? agradeze it much
Your config is pretty straight forward, though the NAT rules appear to be a little confused.
Under /ip addresses, add your addressed to your desired interfaces.
Under /ip routes, add your routes
The 20.20.20 and 30.30.30 addresses… are these the actual addresses assigned to you by your provider? Are these addresses you picked out because they seemed “easy,” or are they obfuscations for this post?
Anyways, the static nat statements appear to be natting those addresses to themselves. I’m really not sure why it was set up like this, except to override the general nat, which is a very odd way to do it. It would make more sense to exclude these from NAT to begin with by using access lists for addresses you want to nat.
What I would suggest here, is to build an address list (/ip firewall address-list) with all the subnets you want to use NAT for and a NAT rule (/ip firewall nat) to do the work.
/ip firewall address-list
add list=to_nat address=192.168.70.0/24
…
/ip firewall nat
add chain=srcnat action=src-nat to-addresses=190.90.44.56-190.90.44.60 src-address-list=to_natGood luck!
hi troy, look at the pool of public addresses that I have is 190.90.44.0/24 , I have a cisco in which the settings mentioned above.
my client needs 8 public addresses, then we assign the following 190.90.44.240/29 pool . the other directions are for data ( 30.30.30.x - 192.168.xx - 20.20.20.x ) .
I need to do in the mikrotik is:
ip nat translation timeout 60
ip nat pool Range2 190.90.44.56 190.90.44.60 netmask 255.255.255.0
ip nat inside source list 1 pool Range2 overload
ip nat inside source static 190.90.44.242 190.90.44.242
ip nat inside source static 190.90.44.243 190.90.44.243
ip nat inside source static 190.90.44.244 190.90.44.244
ip classless
ip route 0.0.0.0 0.0.0.0 190.90.44.1
ip route 20.20.20.0 255.255.255.0 30.30.30.2
ip route 70.41.23.0 255.255.255.0 30.30.30.2
ip route 190.90.44.240 255.255.255.248 10.10.10.9
ip route 192.168.10.0 255.255.255.0 30.30.30.2
ip route 192.168.80.0 255.255.255.0 30.30.30.2
ip route 192.168.90.0 255.255.255.0 10.10.10.9
ip route 192.168.144.0 255.255.252.0 30.30.30.2
ip http server