FAQFAQ     SearchSearch   Log in to check your private messagesLog in to check your private messages    

Natting in Routeros

 
Post new topic   Reply to topic    wug.za.net Forum Index -> Software
View previous topic :: View next topic  
Author Message
bbj



Joined: 14 Oct 2008
Posts: 12

PostPosted: Tue Oct 14, 2008 10:24 am    Post subject: Natting in Routeros Reply with quote

Can someone please give me the skinny on Natting in Routeros.

The sceenario is simple. I have wifi card connecting to the wug, and lan connected locally.

My local addresses are in the 192.168.1.0/24 range and my adsl ink is my default gateway.

I want to use the firewall and natting abilities of routeros to do address translation for me onto the wug.

i have a LAN range of ip's assigned to me. I also have more than 1 pc that i'd like to use on the WUG with a 1:1 NAT ( each 192 address must match its own 172 address )

Please enlighten me.

BBJ
_________________
borg....dyslexia......laminated
Back to top
View user's profile Send private message
fragtion



Joined: 25 May 2007
Posts: 15

PostPosted: Tue Oct 14, 2008 11:03 am    Post subject: Reply with quote

[18:25] <+fragtion> anyone know how to set up NAT in routeros (winbox). I am connecting to a friends wlan and he's on a seperate IP range (192.168.0.0/24) that doesnt have routes for my internal net (172.16.6.0/27). My rb's wlan ip is 192.168.0.85/24 and i can ping his pc (192.168.0.10) FROM my rb, but not from my PC, because no NAT on router.
[18:26] <+fragtion> on a wrt with ddwrt its a simple tick of "use NAT", not so easy in ros ;/
[18:27] * Joins: Toxin (toxin.wug@desktop.toxin.jawug)
[18:28] <&Rossi> ip>firewall>nat
[18:28] <&Rossi> new rule
[18:28] <&Rossi> src-address = your ip block
[18:28] <&Rossi> chain = src nat

Make sure you set action to Masquerade
Back to top
View user's profile Send private message
bbj



Joined: 14 Oct 2008
Posts: 12

PostPosted: Tue Oct 14, 2008 12:48 pm    Post subject: Reply with quote

how do you specify which outside address maps to which inside addess ?


[edit] ok Found the answer....

Example of 1:1 mapping
If you want to link Public IP subnet 11.11.11.0/24 to local one 2.2.2.0/24, you should use destination address translation and source address translation features with action=netmap.

/ip firewall nat add chain=dstnat dst-address=11.11.11.1-11.11.11.254 \
action=netmap to-addresses=2.2.2.1-2.2.2.254

/ip firewall nat add chain=srcnat src-address=2.2.2.1-2.2.2.254 \
action=netmap to-addresses=11.11.11.1-11.11.11.254
_________________
borg....dyslexia......laminated
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    wug.za.net Forum Index -> Software All times are GMT + 2 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum