/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration"
disabled=no dst-address=0.0.0.0/0 src-address=192.168.88.0/24 to-addresses=\
0.0.0.0
There's no way the to-address should be there at 0.0.0.0. I'd also drop
the dst-address
Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
On Tue, Mar 10, 2015 at 1:34 PM, Roy, Jerry <jerry....@toltsolutions.com>
wrote:
> No sir, no packet counting. Maybe I should have said, masquerade between
> Bri2 Lan to Bri1 Wan
>
> I see the Nat tab but no masquerade.
>
> Any work around?
>
> Jerry Roy 949.681.5054
> jerry....@toltsolutions.com
>
>
> -----Original Message-----
> From: mikrotik-boun...@mail.butchevans.com [mailto:
> mikrotik-boun...@mail.butchevans.com] On Behalf Of Josh Luthman
> Sent: Tuesday, March 10, 2015 10:18 AM
> To: Mikrotik discussions
> Subject: Re: [Mikrotik] Nat a bridge interface?
>
> Are the rules counting packets?
>
>
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
>
> On Tue, Mar 10, 2015 at 1:13 PM, Roy, Jerry <jerry....@toltsolutions.com>
> wrote:
>
> > I did now, but same issue.
> >
> >
> > Jerry Roy 949.681.5054
> > jerry....@toltsolutions.com
> >
> >
> > -----Original Message-----
> > From: mikrotik-boun...@mail.butchevans.com [mailto:
> > mikrotik-boun...@mail.butchevans.com] On Behalf Of Josh Luthman
> > Sent: Tuesday, March 10, 2015 10:03 AM
> > To: Mikrotik discussions
> > Subject: Re: [Mikrotik] Nat a bridge interface?
> >
> > Did you enable IP firewall for the bridge?
> >
> >
> > Josh Luthman
> > Office: 937-552-2340
> > Direct: 937-552-2343
> > 1100 Wayne St
> > Suite 1337
> > Troy, OH 45373
> >
> > On Tue, Mar 10, 2015 at 1:00 PM, Roy, Jerry
> > <jerry....@toltsolutions.com>
> > wrote:
> >
> > > Hi Gentlemen,
> > >
> > > Should I be able to Nat between two bridge interfaces? I keep
> > > getting timed out when trying to ping 8.8.8.8 from the bridge 2 (ip
> > > 192.168.88.1) interface.
> > >
> > > /ip firewall filter
> > > add action=accept chain=input comment="Netgear Switch access"
> > > disabled=no src-address-list="Netgear Switch Access"
> > > add action=drop chain=input disabled=no dst-port=8443 protocol=tcp
> > > add action=accept chain=input comment="default configuration"
> > > disabled=no protocol=icmp add action=accept chain=input
> > > comment="default configuration" disabled=no
> > > dst-port=123 protocol=udp
> > > add action=accept chain=input comment="default configuration"
> > > connection-state=established disabled=no add action=accept
> > > chain=input comment="default configuration"
> > > connection-state=related disabled=no add action=accept chain=input
> > > comment="Allow Management from MNS"
> > > disabled=no dst-port=161 protocol=udp src-address=10.94.64.16/29 add
> > > action=accept chain=input disabled=no dst-port=22,80,443,8291
> > > protocol=tcp src-address=10.94.64.16/29 add action=accept
> > > chain=input disabled=no dst-port=22,80,443,8291 protocol=tcp
> > > src-address=68.106.72.0/26 add action=accept chain=input disabled=no
> > > dst-port=22,80,443,8291 protocol=tcp src-address=68.106.76.203 add
> > > action=accept chain=input disabled=no dst-port=22,80,443,8291
> > > protocol=tcp src-address=68.167.154.0/24 add action=accept
> > > chain=input disabled=no dst-port=22,80,443,8291 protocol=tcp
> > > src-address=162.93.0.0/16 add action=accept chain=input disabled=no
> > > dst-port=22,80,443,8291 protocol=tcp src-address=216.231.192.0/20
> > > add action=accept chain=input comment="Used for VoIP Phone TS with
> > > Access Line VoIP provider. Must Be DISABLED at ALL times unless TS."
> > disabled=yes \
> > > dst-port=80,443 protocol=tcp
> > > add action=drop chain=input comment="default configuration"
> > > disabled=no
> > > in-interface=bridge1
> > > /ip firewall nat
> > > add action=masquerade chain=srcnat comment="default configuration"
> > > disabled=no dst-address=0.0.0.0/0 src-address=192.168.88.0/24
> > > to-addresses=\
> > > 0.0.0.0
> > >
> > > Thanks,
> > >
> > > Jerry
> > > -------------- next part -------------- An HTML attachment was
> > > scrubbed...
> > > URL: <
> > > http://mail.butchevans.com/pipermail/mikrotik/attachments/20150310/c
> > > 55
> > > 23a3e/attachment.html
> > > >
> > > _______________________________________________
> > > Mikrotik mailing list
> > > Mikrotik@mail.butchevans.com
> > > http://mail.butchevans.com/mailman/listinfo/mikrotik
> > >
> > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
> > > RouterOS
> > >
> > -------------- next part -------------- An HTML attachment was
> > scrubbed...
> > URL: <
> > http://mail.butchevans.com/pipermail/mikrotik/attachments/20150310/cc1
> > f4de7/attachment.html
> > >
> > _______________________________________________
> > Mikrotik mailing list
> > Mikrotik@mail.butchevans.com
> > http://mail.butchevans.com/mailman/listinfo/mikrotik
> >
> > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
> > RouterOS _______________________________________________
> > Mikrotik mailing list
> > Mikrotik@mail.butchevans.com
> > http://mail.butchevans.com/mailman/listinfo/mikrotik
> >
> > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
> > RouterOS
> >
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://mail.butchevans.com/pipermail/mikrotik/attachments/20150310/08934ded/attachment.html
> >
> _______________________________________________
> Mikrotik mailing list
> Mikrotik@mail.butchevans.com
> http://mail.butchevans.com/mailman/listinfo/mikrotik
>
> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
> RouterOS
> _______________________________________________
> Mikrotik mailing list
> Mikrotik@mail.butchevans.com
> http://mail.butchevans.com/mailman/listinfo/mikrotik
>
> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
> RouterOS
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://mail.butchevans.com/pipermail/mikrotik/attachments/20150310/c2267ded/attachment.html>
_______________________________________________
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
