Community discussions

MikroTik App
 
nissandata
newbie
Topic Author
Posts: 34
Joined: Fri Dec 03, 2010 7:20 pm

Firewall without NAT

Tue Dec 07, 2010 9:05 pm

Hey!

Hope this shouldn't be posted in the beginners forum since i'm quite a hacker :D
We have bought a rb1100 that we will use for our local-net, a few DMZ-zones and guest networks.
The setup has been more or less straight through. But i have problem setting a public FTP-server as intended.
We have the FTP-server as the only device in one of our DMZ-zones, i want to have one of our public IP-addresses directly assigned to the server, but still firewalled by the routerboard.

I don't under stand how to implement this.
We have a public /28-net, 6 of the IP's are set up and used atm using nat to private nets using src/dst-nat to publish services. So the plan is to via vlan or eth-port "forward" one of the public IP's to the FTP after passing the firewall.

Is this possible?
 
vik1988
Member Candidate
Member Candidate
Posts: 235
Joined: Sun Oct 25, 2009 2:18 pm
Location: India

Re: Firewall without NAT

Tue Dec 28, 2010 6:23 pm

Hi,

r using Dst Nat rule for Nat inside.
Vikas Kumar Gupta
If you Like my post then add KARMA
skype- kumarvikas_gupta
 
changeip
Forum Guru
Forum Guru
Posts: 3806
Joined: Fri May 28, 2004 5:22 pm

Re: Firewall without NAT

Tue Dec 28, 2010 7:34 pm

this depends on if your provider is routing or bridging the subnet to you. if they are arping for those IPs directly on your wan interface then you dont have the option of just routing it one more interface down the line. you have to use nat, or proxyarp or some other less optimal hack.

whats the issue with nat and ftp, is the data port not getting forwarded properly? might just need some established / related rules to allow things thru using the ftp helper.
Colo and Wholesale Bandwidth Available! Sales at SanDiegoBroadband dot com

Who is online

Users browsing this forum: No registered users and 219 guests