Community discussions

MUM Europe 2020
 
opalit
Member Candidate
Member Candidate
Topic Author
Posts: 211
Joined: Wed Aug 24, 2011 10:15 pm

1:1 NAT and masquerade

Mon Sep 24, 2012 2:35 pm

I Have a RB-1100AHx2 and about about 200 CPE radios and I want to issue some with public IP's while connecting others using srcnat and masquerade.

The ones I want to issue public IP's to are the ones that connect using PPPoE

I Have put in the following rules, but they do not seem to work.

chain=srcnat action=masquerade out-interface=ether11 ( this rule at top ), the private IP's issued by DHCP need to connect to internet using this rule.

chain=srcnat action=src-nat to-addresses=1xx.xx.xxx.xxx-1xx.xx.xxx.xxx to-ports=0-65535 src-address=192.168.31.2-192.168.31.63

chain=dstnat action=dst-nat to-addresses=192.168.31.2-192.168.31.63 to-ports=0-65535 dst-address=1xx.xx.xxx.xxx-1xx.xx.xxx.xxx

There is equal numbers of public to private addresses.

The srcnat and dstnat rules do not seem to work even with masquerade rule disabled, in fact nothing works if masquerade rule is disabled.

Everything goes out via the masqurade rule when enabled.

The network is hot so I have to be very careful what I do or everybody could be cut off.

Any help would be appreciated.
 
popcorrin
Member Candidate
Member Candidate
Posts: 189
Joined: Wed Mar 11, 2009 12:55 am

Re: 1:1 NAT and masquerade

Mon Sep 24, 2012 5:29 pm

For 1-1 nat, I use netmapping. Works well for me.
Your 1-1 natting rule needs to come before the other one.

Who is online

Users browsing this forum: bastys, jasondb, jweek, pe1chl, tdw and 100 guests