At that point it would probably be better to use the web proxy, wouldn't it?
Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Mon, Aug 4, 2014 at 4:51 PM, Rory McCann <[email protected]> wrote: > I don't think you're going to do this with NAT. I'm not terribly familiar > with the Hotspot feature, however could you do something with that where it > runs on the WAN interface and when a request is received, forwards it on to > the destination server? > > Rory McCann > MKAP Technology Solutions > Web: www.mkap.net > > > On 8/4/2014 3:35 PM, Josh Luthman wrote: > >> I use foo.com because it's quick and easy to type. I know, first world >> probloms... >> >> How would I srcnat these incoming connections? If I specify chain=srcnat >> in-interface=ether1 it complains "ingoing interface matching not possible >> in output and postrouting chains" >> >> I have this rule and while it counts packets, there's never any response >> from a web server (there is when talking directly to 2.2.2.2) >> >> /ip firew nat >> add action=dst-nat chain=dstnat comment="redirect 80 to outside web >> server" >> disabled=no dst-address=\ >> 1.1.1.1 dst-port=80 in-interface=ether1 protocol=tcp >> to-addresses=2.2.2.2 to-ports=80 >> >> >> >> Josh Luthman >> Office: 937-552-2340 >> Direct: 937-552-2343 >> 1100 Wayne St >> Suite 1337 >> Troy, OH 45373 >> >> >> On Mon, Aug 4, 2014 at 4:26 PM, Alexander Neilson < >> [email protected]> >> wrote: >> >> You could give it a go. Would you not be better using a different A >>> record >>> for your house (home.foo.com) point the foo.com record to your web >>> server >>> and do the http redirect on that. >>> >>> I would just imagine you would likely need to source NAT the connection >>> as >>> well otherwise the IP reply would come to the user from a completely >>> different IP address and could break NAT on the other end. >>> >>> Regards >>> >>> Alexander >>> >>> Alexander Neilson >>> Neilson Productions Ltd >>> [email protected] >>> 021 329 681 >>> >>> On 5/08/2014, at 8:10 am, Josh Luthman <[email protected]> >>>> >>> wrote: >>> >>>> My home router is the A record for foo.com (1.1.1.1) >>>> >>>> I have an outside web server at www.foo.com (2.2.2.2) >>>> >>>> Is it possible for when someone goes to my MT at foo.com (1.1.1.1), the >>>> >>> MT >>> >>>> does a dstnat to 2.2.2.2 ? I'd prefer to avoid having an Apache server >>>> just for an HTTP redirect. >>>> >>>> Josh Luthman >>>> Office: 937-552-2340 >>>> Direct: 937-552-2343 >>>> 1100 Wayne St >>>> Suite 1337 >>>> Troy, OH 45373 >>>> -------------- next part -------------- >>>> An HTML attachment was scrubbed... >>>> URL: < >>>> >>> http://mail.butchevans.com/pipermail/mikrotik/ >>> attachments/20140804/fd91da31/attachment.html >>> >>>> _______________________________________________ >>>> Mikrotik mailing list >>>> [email protected] >>>> http://mail.butchevans.com/mailman/listinfo/mikrotik >>>> >>>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik >>>> >>> RouterOS >>> -------------- next part -------------- >>> A non-text attachment was scrubbed... >>> Name: smime.p7s >>> Type: application/pkcs7-signature >>> Size: 6151 bytes >>> Desc: not available >>> URL: < >>> http://mail.butchevans.com/pipermail/mikrotik/ >>> attachments/20140805/e9b0fe51/attachment.bin >>> _______________________________________________ >>> Mikrotik mailing list >>> [email protected] >>> http://mail.butchevans.com/mailman/listinfo/mikrotik >>> >>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik >>> RouterOS >>> >>> -------------- next part -------------- >> An HTML attachment was scrubbed... >> URL: <http://mail.butchevans.com/pipermail/mikrotik/ >> attachments/20140804/898b829a/attachment.html> >> >> _______________________________________________ >> Mikrotik mailing list >> [email protected] >> http://mail.butchevans.com/mailman/listinfo/mikrotik >> >> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik >> RouterOS >> > > _______________________________________________ > Mikrotik mailing list > [email protected] > http://mail.butchevans.com/mailman/listinfo/mikrotik > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > RouterOS > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.butchevans.com/pipermail/mikrotik/attachments/20140804/d68abefa/attachment.html> _______________________________________________ Mikrotik mailing list [email protected] http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
