Page 1 of 1

Public IP for each pppoe server

Posted: Wed Mar 30, 2016 1:57 pm
by Ahmed1989
Hello

I have a pppoe server as shown in the picture


how can I configure NAT to specify Public IP for each pppoe clients in one pppoe server ?

Re: Public IP for each pppoe server

Posted: Wed Mar 30, 2016 5:21 pm
by pukkita
That diagram isn't clear, does the Mikrotik run a PPPoE server itself, and if so, why eth1,2,3 connect to more pppoe servers? or those are the interfaces connected to sectors, or network segments from where PPPoE clients reach the Mikrotik?

Re: Public IP for each pppoe server

Posted: Wed Mar 30, 2016 10:41 pm
by Ahmed1989
each interface of mikrotik RB is pppoe server ... and these interfaces connected to pppoe clients ( such as sectors )

I need to specify public IP for pppoe clients in one sector

Re: Public IP for each pppoe server

Posted: Wed Mar 30, 2016 11:35 pm
by pukkita
Cannot you use src-address as criteria? Do you use different pools for each PPPoE server?

Re: Public IP for each pppoe server

Posted: Wed Mar 30, 2016 11:44 pm
by Ahmed1989
No I cannot use src-address , I use the same pools for different pppoe servers ... I tried to use in interface for matching ... but it doesnt working

Re: Public IP for each pppoe server

Posted: Fri Apr 01, 2016 1:28 am
by lambert
Use different pools for each PPPoE server. They can be in the same overall supernet if you like, as long as the ranges don't overlap.

In-interface matching won't work because each client is on his own PPP interface.

You might be able to assign a MikroTik-Address-List via RADIUS based on which PPPoE server the connection came in via. Then you could use the address list in the src-nat rule. I would leave that as a last resort since it is going to be complicated and require some work.

Someone else may have a better idea. Different ip pools is where I would go if I wanted to do what you are trying to do.

Re: Public IP for each pppoe server

Posted: Fri Apr 01, 2016 1:29 pm
by pukkita
Your post is lacking proper details, are public IPs all on the same WAN interface?

Re: Public IP for each pppoe server

Posted: Tue Apr 05, 2016 1:15 pm
by Ahmed1989
the public IP s are loopback interfaces

Re: Public IP for each pppoe server

Posted: Tue Apr 05, 2016 5:07 pm
by ZeroByte
Break the problem down logically:

pppoe clients in group 1 should all have some easily-matched criteria that identifies them as group 1
Then a srcnat rule matches criteria1 and uses to-address=ip1

replicate this for group 2 and group 3 ... etc...

That's it in a nutshell. Now- what criteria to use?

A) Use a different IP pool for each group of users - this is easily matched by a srcnat rule:
src-address=172.16.0.0/16 action=src-nat to-address=ip1
src-address=172.17.0.0/16 action=src-nat to-address=ip2
etc...

B) Use the "address list" option on the ppp profiles to specify an address list for the user's IP to be placed in,
and then NAT based on the address list:
PPP Profile "group 1" -> address-list=Group1
PPP Profile "group 2" -> address-list=Group2
etc...
/ip firewall nat ->
chain=srcnat src-address-list=Group1 action=src-nat to-address=ip1
chain=srcnat src-address-list=Group2 action=src-nat to-address=ip2
etc...