L
L
lenzig2019-10-24 15:24:36
Mikrotik
lenzig, 2019-10-24 15:24:36

How to exclude multiple subnets from NAT on Mikrotik?

Given:
Office A - it has an L2TP server on a micrometer and a Sberbank server in LAN
Offices B and C - connected to L2TP to access this server
What is the point - the server must see each machine that logs in to it separately. But he sees only the internal VPN network, and not the local locations of offices B and C. In the masquerading rule, you can only remove one subnet from NAT, but how can you exclude several from it?

Answer the question

In order to leave comments, you need to log in

2 answer(s)
D
Dmitry, 2019-10-24
@hempy80

1) create an address list with the necessary networks,
for example

ip firewall address-list add address=10.0.0.0/24 list=local
ip firewall address-list add address=10.0.10.0/24 list=local
ip firewall address-list add address=192.168.0.0/24 list=local
и т.д

2) add a rule
or edit an existing masquerade rule
5db1ac4cf04ba545069890.png

P
poisons, 2019-10-24
@poisons

I'll remotely connect to your micrometers and look at the configs..... Where are the
excerpts of the configs?
1) From the side of the l2tp server
2) From the side of the clients
While the diagnosis is - for some reason you yourself zanat l2tp clients, I can assume because you did not write the route on the client from the office with the server and the traffic did not go.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question