Hi ;

I'm using mikrotik CCR1036-12G-4S. I have 192.168.10.0/21 ( cidr notation) private ip block. I want to do 1:1 NAT some IP addresses.

for example:

192.168.10.1 ( private ip adress ) --> 1.1.1.1 ( public ip adress)

/ip firewall nat add chain=srcnat src-address=192.168.10.1 action=src-nat \
to-addresses=1.1.1.1

but is not working. packets counters is zero. no package does not get caught.

if use netmap

for example

/ip adress firewall chain=srcnat action=netmap to-addresses=192.168.10.0/24 src-address=1.1.1.0/24

netmap NAT is working. I have to watch the way how to solve this problem. How do I write a correct NAT rule ? very simple operation, but I can not be successful

Check the position of the SRC NAT rule in relation to others - perhaps the relevant traffic is already being acted on earlier. Perhaps upload your NAT entries.

Why not masquerade?

/ip firewall nat add chain=srcnat src-address=192.168.10.0/24 out-interface=ether1-gateway action=masquerade

Hi Guys;

CelticComms;

problem is solved. No problem in the sort. I noticed now. ip address dhcp ip address with different hotspot. Type the IP address of the hotspot nat worked. So why be different?


/ip pool used print
hs-pool-6 10.5.49.4 hotspot 14:DA:E9:AB:26:EF
hs-pool-6 10.5.50.128 DHCP 14:DA:E9:AB:26:EF

unridaz;

I'm working on the campus network. in a legal situation (ilegal content, copyright, etc. ..) that provides access to private IP addresses need to increase public ip address.If I use one ip address for 2000 people not eligible for legal investigations.