I've spent all day trying to get this to work, and I'm still struggling, even though it's a simple task.
What I want is to use a public IP from my routed subnet directly on a server inside my network (without NAT). Current setup is:
The ISP provides the following over the connection (IPs changed):
Static IP: 220.127.116.11/30 with a default gateway of 18.104.22.168
Routed subnet: 22.214.171.124/28 (I want to use all 16 IPs so not setting the IP on any of my interfaces). ISP routes all IPs to the static IP above so should be ok.
So I have:
ether5 - connection to ISP. Static IP set to 126.96.36.199/30
ether9 - my server - IP: 188.8.131.52, subnet: 255.255.255.255, gw: 184.108.40.206
I have also added the following firewall rules:
add action=accept chain=forward dst-address=220.127.116.11 in-interface=ether5 out-interface=ether9
add action=accept chain=forward in-interface=ether9 out-interface=ether5 src-address=18.104.22.168
and a NAT bypass:
add action=accept chain=srcnat src-address=22.214.171.124
I can't ping or get any connectivity from the server. This should be simple but it just isn't working.
As a test, I assigned the 126.96.36.199 IP directly to the ether5 interface on the Mikrotik and I can ping it from an external site, so I know the routed subnet is reaching the router.