I have an ISP-provided modem/router and a MT device
and I want to use the MT device to isolate two subnets.
The subnets will get access to the internet via the ISP device
as show in the diagram below which depicts the current situation.
My problem is the double NAT situation which I want to get rid of.
Given that the ISP modem/router does not allow changing
its static routing table what would you suggest as a topology/configuration?
Replacing the ISP device is out of the picture since
it also provides VoIP for telephony and the provider doesn't share its VoIP passwords.
Topology:
Code: Select all
+--------------------+
| |
| |
| ISP modem/router |
| |
| |
+------+------+------+
|DSL| | LAN1 |
+-+-+ +---+--+
| | 172.16.0.2/24 masquerade/srcnat with its PPPoE iface
to | |
wall <-----------------+ |
socket |
|
|
+-+----+ 172.16.0.1/24 masquerade/srcnat
| LAN1 |
+--------+------+------+
| |
| MikroTik |
| |
| |
| |
+--+------+--+------+--+
| LAN2 | | LAN3 |
+------+ +------+
172.16.1.1/24 172.16.2.1/24