Hi,

I have an RB1100AHx4, that I've "inherited".
There's some weird config with multiple brigdes in it, that I don't want to break for now.

But there's something I need to do - I have an internet connection with a /29 range assigned.
Currently, the everything goes through a 200.x.y.58 IP address, and there's a 255.255.255.248 netmask assigned, with 200.x.y.57 gateway.

Now, I need to assign one of the IP addresses from my range (let's say 200.x.y.59) to one of the devices in my network. I need this to be a direct connection - as in: I need this device to be "aware" of that address, so it has to be assigned directly. So port forwarding is not going to be an option. This is because there's a service on this device, that logs all connections coming to it, and when I've used port forwarding, the service thought that all of the connections are coming from 192.168.10.1, instead of the public IP address of the actual source. Is it possible to achieve that?
If that helps, the router is currently running RouterOS 6.47.10, with license level 6.

Can someone, please, help? I'm completely lost when it comes to Mikrotik devices.

Depending on your current config the thing you want could be quite invasive.

But the best i could come up with is making a bridge and adding the interfaces that 200.x.y.57 and 200.x.y.59 are directly connected to.
Then add the IP 200.x.y.58/29 to the bridge.

Your new "WAN interface" will be the bridge (adjust your firewall accordingly) with default route to 200.x.y.57

Make sure traffic from src-addr 200.x.y.59 is not natted

Depending on your current config the thing you want could be quite invasive.

But the best i could come up with is making a bridge and adding the interfaces that 200.x.y.57 and 200.x.y.59 are directly connected to.
Then add the IP 200.x.y.58/29 to the bridge.

Your new "WAN interface" will be the bridge (adjust your firewall accordingly) with default route to 200.x.y.57

Make sure traffic from src-addr 200.x.y.59 is not natted

Code: Select all

# jun/18/2023 11:30:47 by RouterOS 6.49.6
# software id = 
#
#
#
/interface bridge
add name=bridge_WAN
add name=bridge_LAN
/ip pool
add name=dhcp_pool0 ranges=172.16.0.2-172.16.0.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=bridge_LAN name=dhcp1
/interface bridge port
add bridge=bridge_WAN interface=ether1
add bridge=bridge_WAN interface=ether2
add bridge=bridge_LAN interface=ether3
/ip address
add address=200.x.y.58/29 interface=bridge_WAN network=200.x.y.56
add address=172.16.0.1/24 interface=bridge_LAN network=172.16.0.0
/ip dhcp-server network
add address=172.16.0.0/24 gateway=172.16.0.1
/ip firewall nat
add action=masquerade chain=srcnat out-interface=bridge_WAN src-address=172.16.0.0/24
/ip route
add distance=1 gateway=200.x.y.57

Sorry for late reply.
Thank you for your suggestion!
I will try that, and report back.