Community discussions

MikroTik App
 
hurymak
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 76
Joined: Mon Oct 06, 2014 1:31 pm

Allow internet acces on one port for private lan range

Fri Oct 14, 2022 11:16 am

I have pppoe internet access, one bridge, all works fine
one rule in nat
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-out1

now i want to take one port from that bridge, for example ethernet3 to NOT be in bridge and not have any address assigned.
I would like to make such thing that any statically assigned addres in pc network card, connected to port ethernet3 (which is not in bridge),
also have access to internet.

So for example user connects pc to this separate port etherent3, goes into control panel, assigns any ip address from private range, and has internet access.
Is that possible?
I dont want him to have access to local lan, only internet with any private address he wants.
what rules should i add in nat?

If ethernet3 port has assigned some static address, than no problem, I know how to do it.
But without address i dont know
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 2865
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: Allow internet acces on one port for private lan range

Fri Oct 14, 2022 3:06 pm

Quite easy.

If you are aware of configuration for the bridge you already have, then create the second bridge with the only eth3 port assigned,
clone configuration from current bridge but use IPs from the "other" pool.

Who is online

Users browsing this forum: Ahrefs [Bot], BioMax, konradnh and 29 guests