MikroTik

Community discussions
https://forum.mikrotik.com/

Assign Public IP across Private Network

https://forum.mikrotik.com/viewtopic.php?t=122569

Page 1 of 1

Assign Public IP across Private Network

Posted: Tue Jun 13, 2017 8:15 pm
by grimster01a
Hello,

I am trying to configure one of my clients with a public IP that is reachable from the web. He is at a remote site on the LAN side of my Mikrotik router. He has a private ip currently. I have tried so many different NAT rules to accomplish this. I have is router bound to a private IP in the leases section by MAC.

this one allows him to appear public to the web from the private IP but it only works outgoing. Incoming traffic to the public ip still does not reach him. I could use some direction here please.

/ip firewall nat
add action=dst-nat chain=dstnat comment="test" disabled=no dst-address=<public IP> to-addresses=<private IP>
add action=src-nat chain=srcnat comment="test" disabled=no src-address=<private IP> to-addresses=<public IP>

Re: Assign Public IP across Private Network

Posted: Wed Jun 14, 2017 1:09 am
by Sob
Does this dstnat rule have any hits? If not, there's some other dstnat rule before it that catches those packets first. If yes, it might be blocked by some rule in /ip firewall filter, forward chain.

Re: Assign Public IP across Private Network

Posted: Wed Jun 14, 2017 1:34 am
by grimster01a
Yes. 562.2KiB.

Re: Assign Public IP across Private Network

Posted: Wed Jun 14, 2017 4:21 pm
by StubArea51
Hello,

I am trying to configure one of my clients with a public IP that is reachable from the web. He is at a remote site on the LAN side of my Mikrotik router. He has a private ip currently. I have tried so many different NAT rules to accomplish this. I have is router bound to a private IP in the leases section by MAC.

this one allows him to appear public to the web from the private IP but it only works outgoing. Incoming traffic to the public ip still does not reach him. I could use some direction here please.

/ip firewall nat
add action=dst-nat chain=dstnat comment="test" disabled=no dst-address=<public IP> to-addresses=<private IP>
add action=src-nat chain=srcnat comment="test" disabled=no src-address=<private IP> to-addresses=<public IP>
You can always route the IP to him rather than use NAT if he is at a remote location that is routable. It doesn't matter if the IP addressing is private.

Re: Assign Public IP across Private Network

Posted: Wed Jun 14, 2017 5:18 pm
by AlainCasault
Also make sure that you have a filter allowing forward traffic to your client.

Sent from Tapatalk

Re: Assign Public IP across Private Network

Posted: Mon Jun 26, 2017 2:57 am
by idlemind
You can bridge the public IP to him with EoIP if it is part of a subnet somewhere else. Alternatively, build a tunnel with a technology like GRE to the customer network and route the IP down to them.
All times are UTC+02:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/