I have an RB493 and am trying to set it up to replace my old firewall/router. I am only using ether2-9. ether2 has been named WAN and is where my public IP will come from. Right now, for testing, it is set as a static IP. ether3-9 are connected to the bridge and I gave a private 192.168.x.x IP to the bridge. ether1 and ether2 are removed from the bridge.
I have srcnat working so PCs connected to ether3-9 get natted to the public IP on the WAN interface. I have two dstnat rules in place to make www and mysql from one of the clients in the bridge accessible to the WAN.
WAN: 172.16.0.2 - will be my public IP when router is installed
bridge: 192.168.105.1/24 - Local LAN subnet. These IPs get srcnat to the 172.16.0.2 IP
192.168.105.100 - client connected to ether3 that needs http (port 80) and mysql (port 3306) to be visible to public internet
This is all working. The problem I will have is that when I put the RB in place, it will get a DHCP address that may change. How can I update my rules automatically to keep the dstnat working? These are my NAT rules:
Flags: X - disabled, I - invalid, D - dynamic
 0   chain=srcnat action=masquerade out-interface=WAN
 1   chain=dstnat action=dst-nat to-addresses=192.168.105.100 protocol=tcp
     dst-address=172.16.0.2 dst-port=80
 2   chain=dstnat action=dst-nat to-addresses=192.168.105.100 protocol=tcp
     dst-address=172.16.0.2 dst-port=3306
Thanks,
thecrowbar
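
Added example, not part of the original post: a Python check that parses the NAT table printed above (joining wrapped lines) and lists the dstnat rules whose literal dst-address would stop matching once the WAN lease changes. The lease 172.16.0.57, the function names, and the assumption that dst-address holds a single address or CIDR prefix are constructed for illustration.

```python
import ipaddress

# Constructed sample: the NAT table from the post in "print" layout
# (a rule may wrap onto continuation lines that do not start with a number).
NAT_PRINT = """\
Flags: X - disabled, I - invalid, D - dynamic
 0   chain=srcnat action=masquerade out-interface=WAN
 1   chain=dstnat action=dst-nat to-addresses=192.168.105.100 protocol=tcp
     dst-address=172.16.0.2 dst-port=80
 2   chain=dstnat action=dst-nat to-addresses=192.168.105.100 protocol=tcp
     dst-address=172.16.0.2 dst-port=3306
"""

def parse_nat_print(text):
    """Return one dict per rule, joining wrapped continuation lines."""
    rules = []
    for line in text.splitlines():
        tokens = line.split(";;;")[0].split()   # drop any rule comment
        if not tokens or tokens[0].startswith("Flags:"):
            continue
        if tokens[0].isdigit():                 # a new rule starts with its number
            rules.append({"number": int(tokens[0]), "flags": ""})
            tokens = tokens[1:]
        elif not rules:
            continue
        for tok in tokens:
            if "=" in tok:
                key, value = tok.split("=", 1)
                rules[-1][key] = value
            else:                               # flag letters such as X, I, D
                rules[-1]["flags"] += tok
    return rules

def stale_dstnat(rules, wan_address):
    """Enabled dstnat rules whose literal dst-address excludes the WAN address.
    Assumes dst-address is a single address or CIDR prefix."""
    wan = ipaddress.ip_address(wan_address)
    stale = []
    for rule in rules:
        pinned = rule.get("dst-address")
        if rule.get("chain") != "dstnat" or pinned is None or "X" in rule["flags"]:
            continue
        if wan not in ipaddress.ip_network(pinned, strict=False):
            stale.append((rule["number"], rule.get("dst-port"), pinned))
    return stale

if __name__ == "__main__":
    # 172.16.0.57 is a constructed stand-in for a new DHCP lease on WAN.
    for number, port, pinned in stale_dstnat(parse_nat_print(NAT_PRINT), "172.16.0.57"):
        print(f"rule {number}: port {port} pinned to {pinned}, no longer matches WAN")
```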