Let's assume following:
bottom router:
Code: Select all
/ip address add address=192.168.0.1/30 interface=ether1
/ip address add address=192.168.4.1/24 interface=ether2
/ip address add address=192.168.2.1/24 interface=ether3
/ip firewall filter add chain=forward in-interface=ether2 out-interface=ether1 action=accept
/ip firewall filter add chain=forward in-interface=ether3 out-interface=ether1 action=accept
/ip firewall filter add chain=forward action=drop
/ip route add gateway=192.168.0.2
Code: Select all
/ip address add address=66.66.66.66/30 interface=ether1
/ip address add address=192.168.0.2/24 interface=ether2
/ip firewall filter add chain=forward action=drop
/ip firewall nat add chain=dstnat dst-address-type=local action=dst-nat to-address=192.168.2.4
/ip route add gateway=66.66.66.65
/ip route add 192.168.2.0/24 gateway=192.168.0.1
/ip route add 192.168.4.0/24 gateway=192.168.0.1
I find it security issue.
Change my mind.