Community discussions

MikroTik App
 
jzhu47
just joined
Topic Author
Posts: 11
Joined: Tue Oct 08, 2019 8:53 pm

Forward all WANs Traffic to one LAN or specific LAN IP

Wed Oct 26, 2022 9:16 pm

Hi all,

do you know how to Forwarding all traffic to one LAN IP, vice verse. this function just like DMZ.
since client already have own firewall and routing enabled in pfsense. they just wants us to provide the internet access with auto fail-over configured. so I enabled the DDNS and Netwatch for in case of WAN1 down, so then the client still have interne access via backup uplink WAN2.
but now I have problem with how to properly setup this policy which is redirected all WAN traffic to the IP: 192.168.22.3 assigned for their PFsense WAN. please refer to my simple network topology

or make it simple, how to forward all WAN traffic to ETH7, which client PFsense is connected with.

any idea?

thank you in advance for any advice.

Don
You do not have the required permissions to view the files attached to this post.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19106
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Forward all WANs Traffic to one LAN or specific LAN IP

Wed Oct 26, 2022 9:36 pm

Not sure of what you mean.

It sounds like for some strange reason you dont want to attach the pfsense to the internet connection directly? Why?
Because I was going to suggest merely passing on the public IP to the Pfsense...................

It seems you want the MT router there just to act as a NAT machine? The pfsense can do this just fine!
In any case there is nothing special here and there are probably many ways to do what you suggest.

The easiest would be two have two dst-nat rules only
add action=dst-nat chain=dstnat in-interface=ether7 dst-port=1-65536 protocol=udp to-addresses=192.168.22.3
add action=dst-nat chain=dstnat in-interface=ether7 dst-port=1-65536 protocol=tcp to-addresses=192.168.22.3

But without seeing what you have done with the rest of the config hard to day
/export file=anynameyouwish (minus serial number and any public wanip info )
 
jzhu47
just joined
Topic Author
Posts: 11
Joined: Tue Oct 08, 2019 8:53 pm

Re: Forward all WANs Traffic to one LAN or specific LAN IP

Wed Oct 26, 2022 11:02 pm

thanks for your reply. Anav, it works.
here to thing, we provide two internet services DSL and Cable(main). I recommended client using own PFsense and directly plug it into the modems(both bridge mode), then he can get static IP (cable). PPPoE (another static IP). but he refused as he needs to keep all services on server running properly after failed over to WAN2. so then I recommend him buy a DDNS service online, but he refused as well. that is why I post in here and seeking for better solutions.

thanks again.

p.s. I can't disclose any IP info in here, as it is prohibited in accordance with my company policy.
Last edited by BartoszP on Thu Oct 27, 2022 12:12 am, edited 1 time in total.
Reason: unneeded quoting
 
DonnieDarko777
just joined
Posts: 10
Joined: Thu Nov 29, 2018 2:58 pm

Re: Forward all WANs Traffic to one LAN or specific LAN IP

Wed Nov 09, 2022 9:10 am

this is nat 1:1
in my case using pppoe i use this
/dstnat input interface)pppoe-out action=dstnat to adress=XXXXX
/srcnat adress=XXXXX action srcnat to address=ourpublicip
if is not static ip u can use ddns in cloud option of mk or can u use masquerade for exit.

Who is online

Users browsing this forum: Bing [Bot] and 15 guests