DMZ local ip to another without dstnat/port-forward the ports
Posted: Sat May 11, 2019 6:09 pm
Hi,
I have 1 PC (192.168.0.100) connected to 1 mikrotik device (192.168.0.1/24) at ether2.
Then 2 servers which:
- Web Server A (192.168.1.10) connected to same mikrotik device (192.168.1.1/24) at ether3.
- Web Server B (192.168.1.11) connected to same mikrotik device (192.168.1.1/24) at ether3.
So, what I planned to do this is, I create another:
- ip address (192.168.0.10 under ether2) and it that will DMZ/dsnat to 192.168.1.10 (ether3) (Web server A)
- ip address (192.168.0.11 under ether2) and it that will DMZ/dsnat to 192.168.1.11 (ether3) (Web server A)
My objective are:
- the PC can access to the web server A via 192.168.0.10 without using other port (no dstnat/port-forward 81->80, just listening 192.168.0.10:80 (ether2) > 192.168.1.10:80 (ether3))
- the PC can access to the web server B via 192.168.0.11 without using other port (no dstnat/port-forward 82->80, just listening 192.168.0.11:80 (ether2) > 192.168.1.11:80 (ether3))
Should I use IPTunnel or dstnat? or any idea how/other solution how?
I have 1 PC (192.168.0.100) connected to 1 mikrotik device (192.168.0.1/24) at ether2.
Then 2 servers which:
- Web Server A (192.168.1.10) connected to same mikrotik device (192.168.1.1/24) at ether3.
- Web Server B (192.168.1.11) connected to same mikrotik device (192.168.1.1/24) at ether3.
So, what I planned to do this is, I create another:
- ip address (192.168.0.10 under ether2) and it that will DMZ/dsnat to 192.168.1.10 (ether3) (Web server A)
- ip address (192.168.0.11 under ether2) and it that will DMZ/dsnat to 192.168.1.11 (ether3) (Web server A)
My objective are:
- the PC can access to the web server A via 192.168.0.10 without using other port (no dstnat/port-forward 81->80, just listening 192.168.0.10:80 (ether2) > 192.168.1.10:80 (ether3))
- the PC can access to the web server B via 192.168.0.11 without using other port (no dstnat/port-forward 82->80, just listening 192.168.0.11:80 (ether2) > 192.168.1.11:80 (ether3))
Should I use IPTunnel or dstnat? or any idea how/other solution how?