Drop the out interface Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Jun 7, 2013 10:26 PM, "Casey Mills" <[email protected]> wrote:
> Right now I have this as the first rule. I like it because I don't have a > static IP on ether1, the public interface. Can I still masquerade the LAN > to itself using this rule? > > chain=srcnat action=masquerade out-interface=ether1 > > > > Thanks, > Casey > > > On Fri, Jun 7, 2013 at 9:10 PM, Josh Luthman <[email protected] > >wrote: > > > Masquerade your source traffic. I do it this way so I have two different > > rules and I can count the packets. Just out of curiosity. > > > > /ip firewall nat > > add action=src-nat chain=srcnat comment="masq lan" disabled=no > > out-interface=\ > > ether1 src-address=192.168.21.0/24 to-addresses=74.218.208.210 > > add action=masquerade chain=srcnat comment="masq lan to lan" disabled=no > \ > > dst-address=192.168.21.0/24 src-address=192.168.21.0/24 > > > > add action=dst-nat chain=dstnat comment="bender - http" disabled=no \ > > dst-port=80 protocol=tcp to-addresses=192.168.21.187 to-ports=80 > > > > > > Josh Luthman > > Office: 937-552-2340 > > Direct: 937-552-2343 > > 1100 Wayne St > > Suite 1337 > > Troy, OH 45373 > > > > > > On Fri, Jun 7, 2013 at 8:42 PM, Casey Mills <[email protected]> wrote: > > > > > I have a few servers setup on my internal network and some DST-NAT > rules > > > setup in the firewall. Everything works great inside and outside of > the > > > network. But to keep things simple it would be nice if I could use the > > > public IP inside and outside of my local network. When inside the > > network > > > can requests for the public IP be sent back internally through the > > DST-NAT? > > > > > > Casey > > > -------------- next part -------------- > > > An HTML attachment was scrubbed... > > > URL: < > > > > > > http://mail.butchevans.com/pipermail/mikrotik/attachments/20130607/6e8c67cc/attachment.html > > > > > > > _______________________________________________ > > > Mikrotik mailing list > > > [email protected] > > > http://mail.butchevans.com/mailman/listinfo/mikrotik > > > > > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > > > RouterOS > > > > > -------------- next part -------------- > > An HTML attachment was scrubbed... > > URL: < > > > http://mail.butchevans.com/pipermail/mikrotik/attachments/20130607/44eac6cf/attachment.html > > > > > _______________________________________________ > > Mikrotik mailing list > > [email protected] > > http://mail.butchevans.com/mailman/listinfo/mikrotik > > > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > > RouterOS > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://mail.butchevans.com/pipermail/mikrotik/attachments/20130607/d153ffee/attachment.html > > > _______________________________________________ > Mikrotik mailing list > [email protected] > http://mail.butchevans.com/mailman/listinfo/mikrotik > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > RouterOS > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.butchevans.com/pipermail/mikrotik/attachments/20130607/52d50885/attachment.html> _______________________________________________ Mikrotik mailing list [email protected] http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
