It doesn't have to be natted. Nothing prevent you from setting it up as routed traffic if you can do routing. Personally not seen any issues with SSL and double NAT. But seen things like SIP and certain console games having serious issues when double natting.
/ Eje ---------------------------------------- From: "Dan Harling via Mikrotik-users" <[email protected]> Sent: Friday, September 23, 2016 1:56 PM To: "Judd Dare" <[email protected]>, "Mikrotik Users" <[email protected]> Subject: Re: [Mikrotik Users] Advice needed- Hotspot Behind Hotspot Traffic from a hotspot client in "bypass" mode still runs through the hotspot--in particular, it is NATted. If you put another NATting hotspot controller behind that, the double-NAT will break SSL for everyone behind the second hotspot interface. Best to use VLANs to connect the two hotspot interfaces/devices to your WAN interface in parallel. Daniel Harling <>< Engineering, Cape Ann Communications 183 Main Street, Gloucester, MA 01930 [email protected] On Fri, Sep 23, 2016 at 12:29 PM, Judd Dare via Mikrotik-users <[email protected]> wrote: > Just whitelist the Marina IP or Mac address or configure the Marina radio > for pppoe. Very simple. > > Then you can run the Marina as it's own hotspot from there. > > Alternately you could add a second SSID at the RV park and connect the > Marina to that SSID, then you can setup another hotspot on that second SSID > and it can be branded for the Marina. > > If you need help setting it up, drop me an email. > > Judd > > > On Sep 22, 2016 3:14 PM, "ralph via Mikrotik-users" > <[email protected]> wrote: >> >> The subject is the best I could do for a description, but let me really >> describe it. >> >> >> >> I have a System running in an RV park, with a Cable Modem feeding a couple >> dozen Aps. I use Mikrotik hotspot with an external service handling AAA and >> payment. It is on a static IP from a cable modem and I have plenty of >> spare statics for future use. >> >> >> >> I have a new customer that is a marina a couple of miles away. I have >> already shot a PtP link over there which works well. Unfortunately the AP >> for this shot is fed, not from the cable modem, but from a point behind the >> RV park hotspot this point in itself is fed from the cable modem by a couple >> of PtP links in between. Operating in transparent bridge mode, so that >> isn't an issue.. So the users at the marina get the login page, etc for the >> RV park and basically look like they are RV park residents. I'm not using >> VLANS in the network. >> >> >> >> Problem is is that I need the users at the Marina not to get the Hotspot >> system for the RV Park. Instead they need their own. I can put another MT >> router/hotspot out at the marina but the problem is this feed that is >> already behind a hotspot. How can I let one of the external static IPs from >> the cable modem pass unrestricted out to that AP that shoots to the Marina >> without having the RV hotspot get in the way? It sounds like a job for >> VLANS but that would mean that I'd have to VLAN the entire network at both >> places and somehow get the external IP for the marina to go around the first >> hotspot somehow. >> >> >> >> Can anyone offer any advice how to do this? >> >> >> >> Hopefully this simple diagram comes through and isn't messed up >> >> >> >> What I have: >> >> Modem-MT CCR Router---<PtP AP> <PtP CPE> ---(RV Park Aps) >> >> >> | >> >> >> + <PtP AP to Marina> <PtP CPE at Marina> --- (Marina Aps) >> >> >> >> What I want: >> >> Modem-MT CCR Router---<PtP AP> <PtP CPE> ---(RV Park Aps) >> >> >> | >> >> >> + <PtP AP to Marina> <PtP CPE at Marina> --- MT CCR Router---- (Marina Aps) >> >> >> >> Thanks >> >> >> >> Ralph _______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users
_______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users
