why cannot i dst-nat . ok i can but for some reason my test router get pissy when i do this so can someone tell how to do it correctly if i am doind something wrong

0 chain=dstnat dst-address=64.1.1.178 protocol=tcp action=dst-nat
to-addresses=212.212.212.11 to-ports=21-23

1 chain=dstnat dst-address=64.1.1.182 action=dst-nat
to-addresses=212.212.212.10 to-ports=21-23

2 chain=dstnat dst-address=64.1.1.178 protocol=tcp dst-port=519
action=dst-nat to-addresses=192.168.4.59 to-ports=514

this works then stop . if i remove rule 2 it works , how do i dst-nat same
ip address on different subnets . cannot seem to get it to work correctly

what i would like is to make anything comming in on port 21-23 64.1.1.178 to goto 212.212.212.11
and if it is port 514 it would goto 192.168.4.59



so this is rule do i have something backwards or ?

ip firewall nat> add chain=dstnat dst-address=64.1.1.78/32 protocol=tcp dst-port=21-23 action=dst-nat to-addresses=212.212.212.10 to-ports=21-23

add chain=dstnat dst-address=64.1.1.78/32 protocol=tcp dst-port=519 action=dst-nat to-addresses=192.168.4.59 to-port s=519


randy

src nat works on both networks and dst nat works just cannot split a ip address .


Randy