Hi,

I need some help with the syntax of adding a src-nat please?

I have an l2tp-client interface which connects to a remote network over the internet. At the moment I'm using a masquerade NAT rule to NAT all outbound traffic from my LAN to that remote network. This is the rule:

chain=srcnat action=masquerade out-interface=l2tpclient1

I need to change this to use a specific IP address instead of just using the dynamic address allocated to the l2tpclient1 interface, but I'm struggling to find the correct syntax and keep getting the following error:

invalid value for argument min

The remote network uses 172.0.0.0/8 (because of many different subnets) and my LAN uses 192.168.1.0/24. I would like to NAT all traffic from my LAN to the remote network out on 172.16.10.1.

Thanks in advance
Dominique

Using the out interface is fine. .

Thanks for the quick reply.

The out interface gets a dynamic address every 24 hours (in the range 172.196.10.0/24) and using the masq works fine to get traffic to and from the remote network.

The problem is that there are loads of different firewall rules on the other side so to allow greater access from my LAN I need to use a specific address.

Im sure its possible but just not sure exactly how.

Any advise?
Thanks

If it gets a new IP every so often, you must use interface routing. On the other end, just point it to the static interface.

replace 'action=masquerade' with 'action=src-nat to-addresses=172.16.10.1'

Thank you Chupaka, appreciate your feedback.

The rule I'm using now looks like this:

chain=srcnat action=src-nat to-addresses=172.16.10.1 out-interface=l2tpclient1

And everything works fine

glad to hear that!