I have 2 networks with a RB750 between them.
SETUP
RB750
Eth0: IP=192.168.0.1/24 (Local)
Eth1: IP=10.0.0.1/8 (public)
Local server: IP=192.168.0.2
NAT RULE
Chain: dstnat
Dst address: 10.0.0.1
Action: dst-nat
To Address: 192.168.0.2
Hosts on the public network can access the local server via 10.0.0.1
My problem is that they can also access the server and all the other hosts on the local network when they use the direct IP to the local network.
How can I prevent hosts on the public network from accessing the local hosts but still have access to the local server via 10.0.0.1 ?
I tried some tutorials on the web but none of them seem to be working for my setup.
a example would be appreciated.