Hi

So. I have some solutions coming up where we are replacing an out going ISP with a wires only provided solution meaning that we will replace the ISP router that would generally provide the customers true RIPE provided ip's on its LAN port.

This means that for a customer that maybe has a firewall of their own, we can provide a solution with RIPE IPs on the LAN and the service continues as normal, however, for customers that were using a secondary router of their own to NAT I have a problem.

Can I run a Mikrotik, possibley with the customers LAN RIPE IP addresses in some sort of DMZ so I can carry on providing port forwarding to NAT debices on the customers internal ip range on the MKs LAN port.

So traditionally

Internet <> IP 1.1.1.1 <ISP Provided Router> Customer RIPE Addresses IP 2.2.2.2 <Customer Router> NAT Internal Range 10.0.0.0

This solution would have a port forward on the customer 2.2.2.2 range into the network for example a 80/44 pubis or an MX record smtp 25 delivery

Now with wireles only solution from ISP, we can use the MK to replace the ISP router. Could I do this:

Internet <> IP 1.1.1.1 <MK ROUTER> NAT Internal Range 10.0.0.0
|
DMZ (no physical port) - Customer Ripe Addresses IP 2.2.2.2 Port forward 80/443/25 to 10.0.0.10 NAT

Or should I forget it, have a MK to replace the ISP router and then have another smaller MK router to be the customers router?

Thanks

Tim