So. I have some solutions coming up where we are replacing an out going ISP with a wires only provided solution meaning that we will replace the ISP router that would generally provide the customers true RIPE provided ip's on its LAN port.
This means that for a customer that maybe has a firewall of their own, we can provide a solution with RIPE IPs on the LAN and the service continues as normal, however, for customers that were using a secondary router of their own to NAT I have a problem.
Can I run a Mikrotik, possibley with the customers LAN RIPE IP addresses in some sort of DMZ so I can carry on providing port forwarding to NAT debices on the customers internal ip range on the MKs LAN port.
Internet <> IP 220.127.116.11 <ISP Provided Router> Customer RIPE Addresses IP 18.104.22.168 <Customer Router> NAT Internal Range 10.0.0.0
This solution would have a port forward on the customer 22.214.171.124 range into the network for example a 80/44 pubis or an MX record smtp 25 delivery
Now with wireles only solution from ISP, we can use the MK to replace the ISP router. Could I do this:
Internet <> IP 126.96.36.199 <MK ROUTER> NAT Internal Range 10.0.0.0
DMZ (no physical port) - Customer Ripe Addresses IP 188.8.131.52 Port forward 80/443/25 to 10.0.0.10 NAT
Or should I forget it, have a MK to replace the ISP router and then have another smaller MK router to be the customers router?