Use the 10.1.1.254 default IP, as it doesn't change with the mode. For
that...
/ip address add address=10.1.1.1/24 interface=connected-to-epmp
/ip firewall nat
add chain=dstnat dst-address=PUBLIC protocol=tcp dst-port=80
action=dst-nat to-address=10.1.1.254
add chain=srcnat dst-address=10.1.1.254 action=masquerade
The first rule is typical port forwarding. The second rule src NATs all
traffic heading to the ePMP to appear to be coming from 10.1.1.1, which
is on the same subnet, bypassing any misconfigured or missing routes on
the device.
-Kristian
On 05/22/2014 12:47 PM, [email protected] wrote:
I've done this before but can't remember exactly how I did it. So, I have a
defaulted ePMP at a remote site that for some reason isn't accepting a DHCP
lease. I want to get into it but it doesn't have a default gateway for the
192.168.0.1 AP address it defaults to.
What are the Mikrotik NAT rules I need to get access to the AP? Here is
what I have so far:
add action=dst-nat chain=dstnat disabled=no dst-address=P.U.B.L.I.C
dst-port=80 \
protocol=tcp to-addresses=192.168.0.1 to-ports=80
add action=src-nat chain=srcnat disabled=no src-address=192.168.0.1 \
to-addresses=P.U.B.L.I.C
add action=masquerade chain=srcnat disabled=no out-interface=ether5 \
src-address=192.168.0.0/24
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://mail.butchevans.com/pipermail/mikrotik/attachments/20140522/17ff7594/attachment.html>
_______________________________________________
Mikrotik mailing list
[email protected]
http://mail.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
_______________________________________________
Mikrotik mailing list
[email protected]
http://mail.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
