"disabled=yes" huh?.. 4 Июл 2015 г. 2:04 пользователь "D. Ryan Spott" <[email protected]> написал: > > This might help: > > A diagram > > > > The export of the config: > > ... > > /interface bridge port > add bridge=LAN interface=ether2 > add bridge=LAN interface=ether3 > add bridge=LAN interface=ether4 > add bridge=WAN interface=ether1 > > /ip address > add address=209.90.234.1/28 interface=WAN network=209.90.234.0 > add address=216.168.46.1/28 interface=LAN network=216.168.46.0 > add address=10.0.1.1/28 interface=LAN network=10.0.1.0 > > ... > > /ip firewall nat > add action=masquerade chain=srcnat disabled=yes out-interface=WAN \ > src-address=10.0.1.0/24 > /ip route > > No DHCP server, no hotspot, no crazy firewall filters. > > > ryan > > On 7/3/15 2:05 PM, Scott Lambert wrote: >> >> That rule is not natting your 216.168.46.0/24 <http://216.168.46.0/24> traffic, barring a major bug in RouterOS. Something else may be, but not that rule as shown here. >> >> >> "/ip firewall nat export" and show the command you typed all the way through the next command prompt. >> >> Also let us know your RouterOS version. >> >> On July 3, 2015 11:49:33 AM CDT, "D. Ryan Spott" <[email protected]> wrote: >> >> I have the following network: >> >> <internet>-<router>-<ISP Network> >> >> The router has a WAN IP of 209.90.234.1/28 >> The router has a LAN IP of 216.168.46.0/24 >> The router has a LAN IP of 10.0.1.0/24 >> >> When I enable this: >> /ip firewall nat >> add action=masquerade chain=srcnat out-interface=WAN >> src-address=10.0.1.0/24 >> >> The result is ALL of the LAN clients 10. and 216. are all >> masqueraded to 209.90.234.1. >> >> >> >> >> How can I limit the masquerade to the 10.0.1.0/24 network ONLY and >> let the 216.168.46.0 addresses do the normal internet routing thing? >> >> It is something obvious. Need more coffee.. or Scotch. >> >> >> ryan >> >> -- D. Ryan Spott | NGC457, llc >> broadband | telco | colo | communities >> PO Box 1734 Sultan, WA 98294 >> 425-939-0047 >> >> ------------------------------------------------------------------------ >> >> Mikrotik-users mailing list >> [email protected] >> http://lists.wispa.org/mailman/listinfo/mikrotik-users >> >> -- Sent from my Android device with K-9 Mail. Please excuse my brevity. > > -- > D. Ryan Spott | NGC457, llc > broadband | telco | colo | communities > PO Box 1734 Sultan, WA 98294 > 425-939-0047 > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < http://mail.butchevans.com/pipermail/mikrotik/attachments/20150703/34e9a2ed/attachment.html > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: iccdibgf.png > Type: image/png > Size: 78948 bytes > Desc: not available > URL: < http://mail.butchevans.com/pipermail/mikrotik/attachments/20150703/34e9a2ed/attachment.png > > > _______________________________________________ > Mikrotik mailing list > [email protected] > http://mail.butchevans.com/mailman/listinfo/mikrotik > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.butchevans.com/pipermail/mikrotik/attachments/20150704/6b03656e/attachment.html> _______________________________________________ Mikrotik mailing list [email protected] http://mail.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
