[Mikrotik] Simple 1:1 NAT on Mikrotik

Mike Lyon mike.lyon at gmail.com
Tue Jun 12 14:42:48 CDT 2012


I'll give that a whirl.

Thanks,
Mike


On Tue, Jun 12, 2012 at 12:41 PM, Bill Prince <
part-15 at skylinebroadbandservice.com> wrote:

> When I did a netmap (IIRC), you also need to specify the out interface for
> the public IP.
>
> bp
>
>
>
> On 6/12/2012 12:13 PM, Mike Lyon wrote:
>
>> Added:
>>
>> /ip firewall nat add chain=srcnat src-address=<internal IP address>  \
>> action=netmap to-addresses=<public ip address>
>>
>> Still no love...
>>
>> -Mike
>>
>>
>>
>> On Tue, Jun 12, 2012 at 12:09 PM, Jacob Heider<jhheider at gmail.com>
>>  wrote:
>>
>>  Based on the link, looks like you want the action "netmap", as well as
>>> the
>>> reflexive rule.
>>>
>>>  Jacob Heider<mailto:jhheider at gmail.**com <jhheider at gmail.com>>
>>>
>>>> June 12, 2012 14:55
>>>>
>>>> Have you assignedthe public IP on the public interface of the MT? You
>>>> probably also want the reflexive rule as shown here:
>>>>
>>>> http://wiki.mikrotik.com/wiki/****Manual:IP/Firewall/NAT#1:1_***
>>>> *mapping<http://wiki.mikrotik.com/wiki/**Manual:IP/Firewall/NAT#1:1_**mapping>
>>>> <http://wiki.mikrotik.**com/wiki/Manual:IP/Firewall/**NAT#1:1_mapping<http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT#1:1_mapping>
>>>> >
>>>>
>>>>
>>>> -------------- next part --------------
>>>> An HTML attachment was scrubbed...
>>>> URL:<http://www.butchevans.**com/**pipermail/mikrotik/**<http://www.butchevans.com/**pipermail/mikrotik/**>
>>>> attachments/20120612/73f6a2fc/****attachment.html<http://www.**
>>>> butchevans.com/pipermail/**mikrotik/attachments/20120612/**
>>>> 73f6a2fc/attachment.html<http://www.butchevans.com/pipermail/mikrotik/attachments/20120612/73f6a2fc/attachment.html>
>>>> >>
>>>>
>>>> ______________________________****_________________
>>>> Mikrotik mailing list
>>>> Mikrotik at mail.butchevans.com
>>>> http://www.butchevans.com/****mailman/listinfo/mikrotik<http://www.butchevans.com/**mailman/listinfo/mikrotik>
>>>> <http**://www.butchevans.com/mailman/**listinfo/mikrotik<http://www.butchevans.com/mailman/listinfo/mikrotik>
>>>> >
>>>>
>>>>
>>>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
>>>> RouterOS
>>>>
>>>> Mike Lyon<mailto:mike.lyon at gmail.**com <mike.lyon at gmail.com>>
>>>> June 12, 2012 14:51
>>>> Howdy,
>>>>
>>>> I'm killing myself over here. Trying to get a 1:1 NAT working on an MK
>>>> 433AH running 4.13. I've entered this in:
>>>>
>>>> /ip firewall nat add action=dst-nat chain=dstnat disabled=no
>>>> dst-address=<public IP address>  \ to-addresses=<internal private IP
>>>> address>
>>>>
>>>> I can ping and can connect to the internal IP address in winbox via
>>>> ssh. I
>>>> know the internal host can access the internet and all routing is
>>>> working.
>>>>
>>>> > From the outside world though, I cannot ping the public IP address
>>>> i've
>>>> assigned to the 1:1 NAT nor can I access it via ssh.
>>>>
>>>> What else am I missing?
>>>>
>>>> Thanks,
>>>> mike
>>>> -------------- next part --------------
>>>> An HTML attachment was scrubbed...
>>>> URL:<http://www.butchevans.**com/**pipermail/mikrotik/**<http://www.butchevans.com/**pipermail/mikrotik/**>
>>>> attachments/20120612/e8e58a3f/****attachment.html<http://www.**
>>>> butchevans.com/pipermail/**mikrotik/attachments/20120612/**
>>>> e8e58a3f/attachment.html<http://www.butchevans.com/pipermail/mikrotik/attachments/20120612/e8e58a3f/attachment.html>
>>>> >
>>>> ______________________________****_________________
>>>> Mikrotik mailing list
>>>> Mikrotik at mail.butchevans.com
>>>> http://www.butchevans.com/****mailman/listinfo/mikrotik<http://www.butchevans.com/**mailman/listinfo/mikrotik>
>>>> <http**://www.butchevans.com/mailman/**listinfo/mikrotik<http://www.butchevans.com/mailman/listinfo/mikrotik>
>>>> >
>>>>
>>>>
>>>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
>>>> RouterOS
>>>>
>>>>  -------------- next part --------------
>>>>
>>> An HTML attachment was scrubbed...
>>> URL:<http://www.butchevans.**com/**pipermail/mikrotik/**<http://www.butchevans.com/**pipermail/mikrotik/**>
>>> attachments/20120612/5cf1dfa9/****attachment.html<http://www.**
>>> butchevans.com/pipermail/**mikrotik/attachments/20120612/**
>>> 5cf1dfa9/attachment.html<http://www.butchevans.com/pipermail/mikrotik/attachments/20120612/5cf1dfa9/attachment.html>
>>> >
>>> ______________________________****_________________
>>> Mikrotik mailing list
>>> Mikrotik at mail.butchevans.com
>>> http://www.butchevans.com/****mailman/listinfo/mikrotik<http://www.butchevans.com/**mailman/listinfo/mikrotik>
>>> <http**://www.butchevans.com/mailman/**listinfo/mikrotik<http://www.butchevans.com/mailman/listinfo/mikrotik>
>>> >
>>>
>>>
>>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
>>> RouterOS
>>>
>>>
>>
>>  ______________________________**_________________
> Mikrotik mailing list
> Mikrotik at mail.butchevans.com
> http://www.butchevans.com/**mailman/listinfo/mikrotik<http://www.butchevans.com/mailman/listinfo/mikrotik>
>
> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
> RouterOS
>



-- 
Mike Lyon
408-621-4826
mike.lyon at gmail.com

http://www.linkedin.com/in/mlyon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.butchevans.com/pipermail/mikrotik/attachments/20120612/af0e8871/attachment.html>


More information about the Mikrotik mailing list