Hi
I have a PC Client 192.168.1.8 that has gateway a mikrotik 192.168.1.3 (eth2)
Mikrotik has on eth1 10.10.10.0/24 and has gateway another mikrotik 10.10.10.101
Mikrotik 10.10.10.101 uses on an interface the 192.168.1.0/24 network.
Is there a way to access PC Client 192.168.1.8 from 10.10.10.0/24 by using NAT or another way?
Re: NAT on two different LAN
Hi,
I think if you do masquerade without specifying out-interface.
I think if you do masquerade without specifying out-interface.
Code: Select all
/ip firewall nat add chain=srcnat src-address=192.168.1.0/24 action=masquerade
/ip firewall nat add chain=srcnat src-address=10.10.10.0/24 action=masquerade
Re: NAT on two different LAN
You can use a dst-nat rule at the first Mikrotik - from the second one, you connect to the address of the first one, and the first one forwards the packet to the PC. This is true for connections initiated in this direction (the client is the second Mikrotik, the server is the PC); in the opposite direction (PC as a client connecting to the second Mikrotik), you need a src-nat on the first Mikrotik, so that the responses from the second Mikrotik to the PC client would not end at its local LAN.Hi
I have a PC Client 192.168.1.8 that has gateway a mikrotik 192.168.1.3 (eth2)
Mikrotik has on eth1 10.10.10.0/24 and has gateway another mikrotik 10.10.10.101
Mikrotik 10.10.10.101 uses on an interface the 192.168.1.0/24 network.
Is there a way to access PC Client 192.168.1.8 from 10.10.10.0/24 by using NAT or another way?
But you can also set up a route to 192.168.1.8/32 at the second Mikrotik via the first one, which will override the dynamically added route to the local subnet, but it means that you cannot use 192.168.1.8 on the second Mikrotik's LAN.
-
-
iaraptisJack
just joined
- Posts: 3
- Joined:
Re: NAT on two different LAN
The route to 192.168.1.8/32 is a good solution.You can use a dst-nat rule at the first Mikrotik - from the second one, you connect to the address of the first one, and the first one forwards the packet to the PC. This is true for connections initiated in this direction (the client is the second Mikrotik, the server is the PC); in the opposite direction (PC as a client connecting to the second Mikrotik), you need a src-nat on the first Mikrotik, so that the responses from the second Mikrotik to the PC client would not end at its local LAN.Hi
I have a PC Client 192.168.1.8 that has gateway a mikrotik 192.168.1.3 (eth2)
Mikrotik has on eth1 10.10.10.0/24 and has gateway another mikrotik 10.10.10.101
Mikrotik 10.10.10.101 uses on an interface the 192.168.1.0/24 network.
Is there a way to access PC Client 192.168.1.8 from 10.10.10.0/24 by using NAT or another way?
But you can also set up a route to 192.168.1.8/32 at the second Mikrotik via the first one, which will override the dynamically added route to the local subnet, but it means that you cannot use 192.168.1.8 on the second Mikrotik's LAN.
About the solution with the dst-nat rule a have some questions: every set-up should be only in first mikrotik? (192.168.1.3 / 10.10.10.4). No need to set anything to the second one?
Thank you for your help
Re: NAT on two different LAN
Yes. The client on the second Mikrotik connects to 10.10.10.4 and all the handling needs to be done at the 10.10.10.4 'Tik.every set-up should be only in first mikrotik? (192.168.1.3 / 10.10.10.4). No need to set anything to the second one?
-
-
iaraptisJack
just joined
- Posts: 3
- Joined:
Re: NAT on two different LAN
[/quote]
Yes. The client on the second Mikrotik connects to 10.10.10.4 and all the handling needs to be done at the 10.10.10.4 'Tik.
[/quote]
Ok but i want from the LAN 10.10.10.0/24 to connect to 192.168.1.8 . How the second mikrotik will know to forward the packets to 10.10.10.4?
In the case of static route its obvious but in other case i don't understand how they will communicate
Yes. The client on the second Mikrotik connects to 10.10.10.4 and all the handling needs to be done at the 10.10.10.4 'Tik.
[/quote]
Ok but i want from the LAN 10.10.10.0/24 to connect to 192.168.1.8 . How the second mikrotik will know to forward the packets to 10.10.10.4?
In the case of static route its obvious but in other case i don't understand how they will communicate
Re: NAT on two different LAN
It wasn't clear from your OP to that you want the client at the second Tik to connect to the address 192.168.1.8, it seemed to be sufficient that it reaches the server "somehow".Ok but i want from the LAN 10.10.10.0/24 to connect to 192.168.1.8
So if you don't mind excluding 192.168.1.8 from use on the second Tik, the route is the easiest solution; otherwise you may use two dst-nat rules, one on each Tik, and the rule on the second Tik may act only on packets from the IP address if the client.
But I forgot to write that if the client's address is in 192.168.1.x too, you have to make the second Tik respond to ARP requests for 192.168.1.8. This can be done using /interface bridge nat rules (and then you can add the exceptional route), or you may attach 192.168.1.8 as own address of the second Tik and use the two dst-nat rules.