Community discussions

MikroTik App
 
kratex
just joined
Topic Author
Posts: 1
Joined: Sat May 20, 2023 8:48 pm

NAT works differently with 2 LANs

Sat May 20, 2023 9:23 pm

I have few NAT rules and observed it on both game server and web server.
When someone visits the website or joins the server - logged IP is LAN gateway's IP and not client public IP (in server logs).
If I enable logging of NAT rule then it logs proper public IP of client in router log.
It seems like some issue with RouterOS or hardware/software limitation.

I have 2 routers, one from ISP and second is mikrotik's.
Direct connection to ISP's router keeps public IP of client unlike through mikrotik.
The issue is probably not PC as it works as expected when connected directly to ISP router.
RouterOS version 6.48.6 or 7.9 does not make change to logged IP.

Connecting through public IP assigned by ISP.

Configuration (simple, 3 bridges, one wan active):
https://pastebin.com/C9fa4W6e
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: NAT works differently with 2 LANs  [SOLVED]

Tue May 23, 2023 12:31 pm

  1. instead of posting the configuration on an external site with its own cookies and advertising, you can put it into the body of your post between [code] and [/code] tags.
  2. your action=masquerade rule doesn't match on out-interface-list=WAN (or out-interface=bridge-wan), so it src-nats also incoming connections initiated from the internet, setting their reply-dst-address to the LAN address of the Mikrotik. Just restrict that rule the suggested way and you'll be fine.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: NAT works differently with 2 LANs

Tue May 23, 2023 3:56 pm

This........
/ip firewall nat
add action=masquerade chain=srcnat

It masquerades all traffic,,,,,,,,,,,,, as sindy says ensure you add the qualifier from.......... in-interface=WAN interface or in-interface-list=WAN

Who is online

Users browsing this forum: baragoon, BinaryTB, Google [Bot], raphaps, rplant and 78 guests