Access Points
    Wi-Fi Routers
    Magicbox
    Software
    Wireless PCI Cards
    Wireless Mini PCI Cards
    Wireless USB Cards
    Wireless PCMCIA Cards
    Wireless CF Cards
    Karty ExpressCard
    Client Antennas
    Base Station Antennas
    Access Points
    Magicbox
    Wireless PCI Cards
    Wireless Mini PCI Cards
    Wireless PCMCIA Cards
    Karty ExpressCard
    Client Antennas
    Base Station Antennas
    MikroTik Software
    Motherboards
    WRAP, Mini ITX
    Radio modules
    Accessories
    Router LAN adapters
    Enclosures
    Client sets
    Motherboards
    Radio modules
    Access points
    MiniPCI/ PCMCIA/ CF Adapters
    CF, DOM, S/ATA memory
    Pigtails (Jumper Cables)
    Connectors
    Surge protectors
    Coaxial Cable Assembly
    Coaxial Cables
    Power Supply
    Tools
    Enclosures
    Wireless Amplifiers
    Wireless converters
    Spliters
    Bluetooth
    Accessories
    Optical fibre
    Switches
    DSL/ADSL Routers
    ADSL Modem
    Wireless PCI/PCMCIA Cards
    Print Servers
    LAN accessories
  
  Wiedza/MikroTik/Jak to zrobić??/How to Link Public Addresses to the Local Ones?

How to Link Public Addresses to the Local Ones?

Description

The current topic shows how to configure 'full NAT', i.e. when a computer having it's own address in the local network gets it translated when talking to outer (public) networks.

Let us assume two addresses (10.0.0.216 and 10.0.0.217) are assigned to the router. In this example we will 'full NAT' the internal address 192.168.0.4 to the external 10.0.0.216 one while keeping 10.0.0.217 for the router itself as well as for masquerading the internal network.

To add 10.0.0.216/24 and 10.0.0.217/24 addresses to the router's Public interface and 192.168.0.254/24 to the router's Local interface:

/ip address
    add address=10.0.0.216/24 interface=Public
    add address=10.0.0.217/24 interface=Public
    add address=192.168.0.254/24 interface=Local
    print
Flags: X - disabled, I - invalid, D - dynamic
  #   ADDRESS            NETWORK         BROADCAST       INTERFACE
  0   10.0.0.216/24      10.0.0.0        10.0.0.255      Public
  1   10.0.0.217/24      10.0.0.0        10.0.0.255      Public
  2   192.168.0.254/24   192.168.0.0     192.168.0.255   Local

While adding the default route to the router you should be aware of having two addresses. You should specify the address that the router will be using while talking to the outer networks:

/ip route
    add gateway=10.0.0.1 preferred-source=10.0.0.217
    print
Flags: X - disabled, I - invalid, D - dynamic, J - rejected,
C - connect, S - static, r - rip, o - ospf, b - bgp
    #    DST-ADDRESS        G GATEWAY         DISTANCE INTERFACE
    0  S 0.0.0.0/0          r 10.0.0.1        1        Public
    1 DC 10.0.0.0/24        r 0.0.0.0         0        Public
    2 DC 192.168.0.0/24     r 0.0.0.0         0        Local

Add DST-NAT rule allowing access to the internal server from external networks:

/ip firewall dst-nat
    add dst-address=10.0.0.216/32 action=nat to-dst-address=192.168.0.4
    print
Flags: X - disabled, I - invalid, D - dynamic
 0   dst-address=10.0.0.216/32 action=nat to-dst-address=192.168.0.4

To add SRC-NAT rules allowing the internal server to talk to the outer networks having its source address translated to 10.0.0.216, while translating other internal hosts' source addresses to 10.0.0.217:

/ip firewall src-nat
    add src-address=192.168.0.4/32 action=nat to-src-address=10.0.0.216
    add src-address=192.168.0.0/24 action=nat to-src-address=10.0.0.217
    print
Flags: X - disabled, I - invalid, D - dynamic
 0   src-address=192.168.0.4/32 action=nat to-src-address=10.0.0.216

 1   src-address=192.168.0.0/24 action=nat to-src-address=10.0.0.217
Powrót    
Copyright 2002-2005 by Advert all rights reserved.