Hi,
I have this plan:
2 ISP and 1 router Mikrotik.
Port 1 Mikrotik has 1 ISP connected
Port 2 Mikrotik has another ISP connected
Port 3 Mikrotik has a switch for internal network
Port 4 Mikrotik has another switch for internal network
Internal network is in subnet 192.168.90.0/32 (second ISP) and servers is in 192.168.1.0/32 (first ISP). From internal subnet I can ping servers and viceversa, its ok.
The question is, when I access from internal subnet (192.168.90.30) to any server (192.168.1.20), on server I see as source 192.168.1.1 ( main IP of ISP - same IP router really ). Are there way to see internal IP when I access from internal subnet to servers?
Thanks!
Re: Question about 2 subnet
Yes, make adjustments to your Firewall NAT rules.
It looks like they are wrong right now, you should have NAT only for traffic outgoing to internet, not to your second LAN.
It looks like they are wrong right now, you should have NAT only for traffic outgoing to internet, not to your second LAN.
Re: Question about 2 subnet
Thanks for reply.
In NAT I have only a masquerade
Rest rules on NAT are for specific ports. Should I create any extra rule?
Regards.
In NAT I have only a masquerade
Code: Select all
[admin@MikroTik] /ip firewall nat> print
0 chain=srcnat action=masquerade log=no
Regards.
Re: Question about 2 subnet
This rule is too broad!
You need to narrow it with output-interface, like it was before you modified it.
When you have to internet interfaces, create another rule like that.
You need to narrow it with output-interface, like it was before you modified it.
When you have to internet interfaces, create another rule like that.
Re: Question about 2 subnet
Could you let me know some more information? This is a real connection with employees working all time, I do not want to leave employees without internet.This rule is too broad!
You need to narrow it with output-interface, like it was before you modified it.
When you have to internet interfaces, create another rule like that.
Thanks you!
Re: Question about 2 subnet
Hello aarango, as pe1chl says, you should be more specific on NAT rules, the one you have:
masquerade's all the traffic passing through the router, this is not recommended as it will consume (unnecessarily) a lot of resources in your router.
In your case, you should try src-nat/masquerade the traffic that goes to the outside of your network like:
This could work for you.
Code: Select all
0 chain=srcnat action=masquerade log=no In your case, you should try src-nat/masquerade the traffic that goes to the outside of your network like:
Code: Select all
chain=srcnat action=masquerade out-interface=ether1 log=no log-prefix=""
chain=srcnat action=masquerade out-interface=ether2 log=no log-prefix=""
Re: Question about 2 subnet
Done! and its working fine. Thanks!!!Hello aarango, as pe1chl says, you should be more specific on NAT rules, the one you have:masquerade's all the traffic passing through the router, this is not recommended as it will consume (unnecessarily) a lot of resources in your router.Code: Select all0 chain=srcnat action=masquerade log=no
In your case, you should try src-nat/masquerade the traffic that goes to the outside of your network like:This could work for you.Code: Select allchain=srcnat action=masquerade out-interface=ether1 log=no log-prefix="" chain=srcnat action=masquerade out-interface=ether2 log=no log-prefix=""
Who is online
Users browsing this forum: vingjfg and 29 guests