I have a Mikrotik RB532 with 5 total interfaces, 3 Ethernet and two wireless. The internet comes into this MT via ether1. All of the interfaces are bridged. The other two ethernet interfaces have seperate AP's on them, and the two wireless function as ap's.
Today, as part of reengineering the network to have each interface not bridged and routed instead, I removed wlan1, applied its own private IP address and created your standard SRC-NAT rule. When I created the src-nat rule, the users on the wlan1 work fine, however everyone else connected to the bridge suddenly is unable to query the DNS server, but is able to still ping outside gateway and other internet hosts. Immediately disabling the src-nat rule makes everyone else work, but users on wlan1 becomes disabled.
We wanted to use NAT as we have ran out of IP's to effectively just rearrange my network. My clients get a static public IP address, and we currently have three full class C's subnets on my network. Many of these clients are static. The idea was that we would turn over a segment at a time over to nat, freeing up the IP's and then we could gradually and slowly redistribute the public IP's giving us a purely routed network as having the bridged network with so many clients is starting to take its toll.
The nat rule as configured...
Code: Select all
2 X chain=srcnat out-interface=ether1 action=masquerade
Pretty standard. Is there a way to get that single interface doing the nat without causing the other interfaces to break so oddly ? I've seen a few posts about connection lists, however a connection list can only address a single subnet at a time, and I have several.
The manual doesn't seam to address situations like this.
Ideas ? (Yes, I've RTFM several times but its possible that I'm not looking in the right place for this particular application)
)