I need to map an entire /24 subnet to a specific single ip address on our router. How do I do this? Would netmap accomplish this?

/ ip firewall nat
add chain=srcnat out-interface=ether1 src-address=192.168.0.0/24 \
action=netmap to-addresses=10.0.0.1 to-ports=0-65535

Thanks,
Ken

I don't think netmap is the answer for you. That maps a range of IPs to a range of IPs. If I understand you correctly, you want to masquerade a local net as ether1.

/ip firewall nat add chain=srcnat action=masquerade out-interface=ether1

This "allows" your local net access to ether1, and to the outside world you look like the router's ether1 IP.

I would like to be able to specify which IP address the masquerade rule uses and this isn't possible with a normal masquerade rule.

Thanks,
Ken

How about this? This is supposed to "masquerade" the local net as 68.99.58.98. I haven't verified that this works.
/ip firewall nat add chain=srcnat src-address=192.168.0.0/24 action=src-nat to-addresses=68.99.58.98

Thanks, I'll give that a try.

I feel unsure about the action tho. Somehow I feel that should be "masquerade" and not "src-nat". The docs say src-nat. My brain says masquerade.

EDIT: I just did a check. I use version 2.9.46, and it has a challenge with dns if you change any IP addresses after setting up the dns. I had to reset my MT box and start over.

This works if all is entered in the correct order:
/ip firewall nat
add chain=srcnat action=src-nat to-addresses=xxx.xxx.xxx.xxx src-address=192.168.0.0/24

It must be done in this order on my box:

1 - All IP addresses for all interfaces
2 - gateway
3 - dns
4 - dhcp
5 - nat

To check for valid dns, try pinging a domain name:
/ping email.prolectron.net
If dns is corrupted, you will get a message like "invalid argument".