I have 2 routers with BGP divulge one / 22 and different / 23 in each.
I have one client with internal ip, I need to do NAT for specific ip. The download is the router 2, however need to upload it for the router 1.
Say:
10.1.1.2 -> 203.0.113.2

I checked:
/ Ip settings
September rp-filter = no tcp-syncookies = no
/ IP connection firewall tracking
September enabled = yes generic-timeout = 10m icmp-timeout = 10s tcp-close-timeout = 10s tcp-close-wait-timeout = 10s tcp-established-timeout = 10m tcp-fin-wait-timeout = 10s \
tcp-last-ack-timeout = 10s tcp-max-retrans-timeout = 5m tcp-syn-received-timeout = 5s tcp-syn-sent-timeout = 5s tcp-time-wait-timeout = 10s tcp-unacked-timeout = 5m \
udp-stream-timeout = 3m udp-timeout = 10s

For this in the router 1 and router 2 created the following rules:

/ Ip firewall nat
add action = dst-nat chain = dstnat comment = "2 CLI" dst-address = 203.0.113.2 to-addresses = 10.1.1.2
add action = src-nat chain = srcnat comment = "CLI 2" out-interface = "ether-Link" src-address = 10.1.1.2 to-addresses = 203.0.113.2

When uploading and downloading occurs on the same router works fine, whatever the router when uploading and downloading occurs in different links there does not work.
What should I check more?

Beware OSPF/BGP could behave unexpectedly if you NAT their packets (BGP uses tcp port 179) you should exclude that port so that traffic is not "manipulated".

OK I NAT only client IP, not a BGP router IP.

Enviado de meu SM-G800H usando Tapatalk