Internet -> Modem (bridge mode) -> Mikrotik (two ethernet cards)-> Hub -> LAN/Servers/Clients
Let's say I have a client (laptop) with ip 192.168.2.33 (Windows XP)
My Mikrotik LAN card has ip 192.168.2.1
My email server has ip 192.168.2.4 (Windows 2003 server with hmail)
I also has domain and redirect port 80 to web servers, and port 110 and 25 to email server.
Currently I have a queue for that IP 192.168.2.33 for 50k upload 100k download, and it's working just fine.
From outside, that laptop accesses email without being capped by mikrotik.
However, there's a capped bandwith based on Queue I set up for that IP when that PC is accessing email server from Internal network using pop and smtp for my domain (public DNS).
Of course the simplest solution would be to change POP and SMTP setting on that particular laptop, so it points to my email server's Windows hostname when it's inside my network, and change it back to public DNS when it's outside. But I don't want that solution - it's so inconvenient by design.
Is there a solution for this problem?
My mikrotik configs:
Code: Select all
0 ;;; Masquerade
chain=srcnat action=masquerade
1 ;;; Web
chain=dstnat dst-address=118.96.xxx.xxx protocol=tcp dst-port=80
action=dst-nat to-addresses=192.168.2.3 to-ports=80
2 chain=srcnat dst-address=192.168.2.3 protocol=tcp dst-port=80
action=src-nat to-addresses=192.168.2.3 to-ports=80
3 ;;; Transparent Proxy
chain=dstnat src-address=192.168.2.0/24 protocol=tcp dst-port=80
action=redirect to-ports=3128
4 ;;; POP SMTP
chain=dstnat dst-address=118.96.xxx.xxxprotocol=tcp dst-port=110
action=dst-nat to-addresses=192.168.2.4 to-ports=110
5 chain=dstnat dst-address=118.96.xxx.xxx protocol=tcp dst-port=25
action=dst-nat to-addresses=192.168.2.4 to-ports=25
6 ;;; VNC pt-xxxxxx.com
chain=dstnat protocol=tcp dst-port=5900 action=dst-nat
to-addresses=192.168.2.3 to-ports=5900
7 ;;; CCTV Besar
chain=dstnat protocol=tcp dst-port=83 action=dst-nat
to-addresses=192.168.2.2 to-ports=80
8 chain=dstnat protocol=tcp dst-port=4550 action=dst-nat
to-addresses=192.168.2.2 to-ports=4550
9 chain=dstnat protocol=tcp dst-port=5550 action=dst-nat
to-addresses=192.168.2.2 to-ports=0-65535
10 ;;; CCTV Kecil: 19 atas - 18 bawah
chain=dstnat protocol=tcp dst-port=84 action=dst-nat
to-addresses=192.168.2.18 to-ports=80
11 chain=dstnat protocol=tcp dst-port=85 action=dst-nat
to-addresses=192.168.2.19 to-ports=80