Community discussions

MikroTik App
 
telcojosh
just joined
Topic Author
Posts: 2
Joined: Sun Jan 17, 2016 12:17 pm

Routing Public LAN block

Sun Jan 15, 2023 7:31 am

I could probably figure this out on my own with enough time, but I've been working through a bunch of VoIP problems and my brain is tired.

My ISP gave us a public LAN block that is pointed at a single IP and I'm trying to figure out how to route it without NAT.

Currently I set the single IP on the WAN interface and programmed the router as a normal NAT router (eth1-50.233.xxx.xxx/30>>NAT>>eth2-192.168.88.1).
Then I added the first address of the Public/29 to eth2 (eth2-50.238.xxx.xx1/29), and then I'm using the other addresses in the /29 for my public devices connected to the bridged interfaces (50.238.xxx.2=first device, 50.238.xxx.3=second device). With a "accept" firewall rule to forward all traffic to the /29 devices.


For the most part everything works great with the exception of all outbound traffic from the /29 devices go out to the internet as the WAN address (50.233.xxx.xxx)


??? what would be the easiest way to route this traffic so all the /29 traffic goes out to the internet as its own /29 address (50.238.xxx.xxx)???

It would be great if I can keep the private LAN (192.168.88.1/24) also, but not absolutely necessary.

Oh and if it helps this is on a hAP ac²


Thanks...Josh
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11444
Joined: Thu Mar 03, 2016 10:23 pm

Re: Routing Public LAN block

Sun Jan 15, 2023 1:26 pm

If addresses are routed towards you, you can route them forward, e.g. to client. And interface address on your router facing client doesn't have to be in same subnet (to save precious public addresses), but that complicates things a bit.

As to internet-going NAT: you probably have a SRC-NAT rule (or even masquerade) targeting out-interface ... you should change this to target both out-interface and src-address (belonging to your private address space).
 
telcojosh
just joined
Topic Author
Posts: 2
Joined: Sun Jan 17, 2016 12:17 pm

Re: Routing Public LAN block

Mon Jan 16, 2023 2:34 am

I figured it out

Just had to go into the default masquerade rule and add a source address of the private LAN so the router doesn't NAT the public LAN block.

Now all is working great... Thanks

Who is online

Users browsing this forum: abdullanetworking, cmmike, Osstropolys and 33 guests