Community discussions

MikroTik App
 
radocicala
Member Candidate
Member Candidate
Topic Author
Posts: 136
Joined: Fri Aug 10, 2007 6:56 pm

How to NAT smb from one network to another in ROS?

Mon Dec 01, 2008 4:05 pm

Hi, I have problem to set NAT. I set it like this but doesnt work:
 0   chain=dstnat action=dst-nat to-addresses=10.15.17.5 to-ports=0-65535 
     in-interface=WAN dst-address=192.168.76.4 
WAN - is interface where samba server is(192.168.76.4), here is also internet
LAN - is interface where computer 10.15.17.5 is

I dont want to get internet on 10.15.17.5, only communication between that samba server and computer.

smbserver --------> mikrotik(here I need to set up NAT) ---------> PC
(192.168.76.4) WAN (10.85.17.1/192.168.76.99) LAN (10.85.17.5)


I made masquerade, like this:
 chain=srcnat action=masquerade out-interface=WAN src-address=10.15.17.5
communication worked, but also Internet, what I dont want

this showed me when I torched:
Image
I dont understand why is there port 139, when samba should run over 445, or ?
 
User avatar
gmsmstr
Trainer
Trainer
Posts: 942
Joined: Fri Jun 04, 2004 2:22 am
Location: St. Louis, MO
Contact:

Re: How to NAT smb from one network to another in ROS?

Tue Dec 02, 2008 1:02 am

SMB runs on

TCP 135-139 and 445
UDP 135-139 and 445

So , it can be on any of these ports that I communicates at. I don't know, how and why it picks what port or the detail behind it. With that said, looks like you have a connection established, is that NOT what you want?

Also, keep in mind that some ISPs block netbios traffic as well.
Dennis Burgess, MCTCE, MTCNA, MCTCTE, MTCWE, MTCNIE, A+, N+, MCP, MTCSE Mikrotik Certified Consultant / Trainer
Need Mikrotik Support: http://www.linktechs.net -- Link Technologies, Inc.
-- Author of "Learn RouterOS: Second Edition"
 
radocicala
Member Candidate
Member Candidate
Topic Author
Posts: 136
Joined: Fri Aug 10, 2007 6:56 pm

Re: How to NAT smb from one network to another in ROS?

Tue Dec 02, 2008 1:14 am

Yes I know but both networks are mine, I want to get communication from Server(is in network I get internet to other network where is pc I want to get there that samba communication). It can be done using masquerade. But I was thinking if it is possible simplier way. Because If I use masquerade, all comunication from that network goes to that PC - and I dont want this. The only thing that I can propably do is to do that masquerade and in firewall block all communication to that pc except from that samba server, or could you help anything better?
 
User avatar
gmsmstr
Trainer
Trainer
Posts: 942
Joined: Fri Jun 04, 2004 2:22 am
Location: St. Louis, MO
Contact:

Re: How to NAT smb from one network to another in ROS?

Tue Dec 02, 2008 1:15 am

You would just send those ports in vs everything like you have now.
Dennis Burgess, MCTCE, MTCNA, MCTCTE, MTCWE, MTCNIE, A+, N+, MCP, MTCSE Mikrotik Certified Consultant / Trainer
Need Mikrotik Support: http://www.linktechs.net -- Link Technologies, Inc.
-- Author of "Learn RouterOS: Second Edition"
 
mstead
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Mar 04, 2006 2:41 am

Re: How to NAT smb from one network to another in ROS?

Thu Dec 04, 2008 1:48 am

I don't think you can NAT samba. I researched this a long time ago and if I remember correctly the problem is that the data payload contains IP information - and NAT will only modify the headers of a data packet not the contents.

Malcolm
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8419
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: How to NAT smb from one network to another in ROS?

Thu Dec 04, 2008 3:20 pm

as far as I remember, we have successfully nated samba when we need it... the task was to redirect some of the customers to another samba server with one share named 'Access denied' =)
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
mstead
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Mar 04, 2006 2:41 am

Re: How to NAT smb from one network to another in ROS?

Thu Dec 04, 2008 3:34 pm

Chupaka. What you describe is not really NAT but rather working with Samba to redirect. This was the direction I was heading in when I gave up due to time constraints.

What I'm saying is that to just NAT traffic to a different Samba server does not work for the reasons I already gave. As far as I could see you can only route samba.

Malcolm
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8419
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: How to NAT smb from one network to another in ROS?

Thu Dec 04, 2008 4:04 pm

what I said about is that we made Dst-NAT, and when user opens \\1.2.3.4, in fact he gets contents of \\5.6.7.8 server. isn't it NAT? %)
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.

Who is online

Users browsing this forum: AndyGs, Bing [Bot], cosambo, maxsaf and 112 guests