Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Vlad2016-03-24 22:04:52
Computer networks
Vlad, 2016-03-24 22:04:52

Mikrotik without NAT with "end-to-end" addressing. How?

We have:
Networks X - 10.61.5.0/24 ,
Y - 10.56.0.0/24 and
Z - 10.57.0.0/24.
The gateway for the X network is a device that cannot be replaced by Mikrotik with IP - 10.61.5.1 ,
Mikrotik RouterBOARD 951G 2HnD with IP - 10.61.5.4 - which looks at the gateway 10.61.5.1, which, in turn, looks at the Y and Z networks, and also the
second IP 10.61.5.6 - which looks into the local network X.
How can I make packets go from network X through Mikrotik to networks Y, Z and back without changing the destination/source IP?
UPD: Added a diagram.
b6bd73ae905447f39148eb2a8d57aa51.gif
And export configuration

/ip firewall filter
add chain=input comment="default configuration" protocol=icmp
add chain=input comment="default configuration" connection-state=established,related
add action=drop chain=input comment="default configuration" in-interface=ether1-gateway
add action=fasttrack-connection chain=forward comment="default configuration" connection-state=established,related
add chain=forward comment="default configuration" connection-state=established,related
add action=drop chain=forward comment="default configuration" connection-state=invalid
add action=drop chain=forward comment="default configuration" connection-nat-state=!dstnat connection-state=new in-interface=ether1-gateway

/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration" out-interface=ether1-gateway

/ip route
add distance=1 gateway=10.61.5.1

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Report
A
alegzz, 2016-03-26
@Rid-lin

if 10.61.5.0/24, then how does 10.61.5.1 understand that it is necessary to send packets to the 10.61.5.0/24 network via Mikrotik, and not directly?

Report
M
Maxim Moseychuk, 2016-03-25
@fshp

1) Allow the necessary chains in the firewall (by default, a lot of things are blocked there).
2) Set up routes.

Report
N
nimbo, 2016-03-25
@nimbo

routing w

Report
A
Azazel PW, 2016-03-25
@azazelpw

Yes, my friend, you are a noble masochist, then you will get confused in these shit when an accident happens.
Bring Mikrotik and connected devices to another subnet, set the gateway to 10.61.5.1.

Report
G
gaid78, 2016-04-06
@gaid78

And if you combine two ports into a bridge and tell the bridge to work in dumb switch mode....

Similar questions
P
Pavel2014-08-13 09:12:44
How to create a link in a MySQL DB textbox when accessed from Access? 2Reply
L
LNK2016-06-08 20:43:19
What to study to create a dynamic website? 2Reply
N
Nikolay Ivanchenko2016-06-09 10:18:03
How to properly set up link aggregation for nas THECUS N10800? 1Reply
I
idze2014-04-26 11:13:22
How to give a random static file to Tornado web? 2Reply
I
Ivan Panteleev2016-06-09 18:32:23
How does CIR really work? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question