Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Vlad2016-03-24 22:04:52
Computer networks
Vlad, 2016-03-24 22:04:52

Mikrotik without NAT with "end-to-end" addressing. How?

We have:
Networks X - 10.61.5.0/24 ,
Y - 10.56.0.0/24 and
Z - 10.57.0.0/24.
The gateway for the X network is a device that cannot be replaced by Mikrotik with IP - 10.61.5.1 ,
Mikrotik RouterBOARD 951G 2HnD with IP - 10.61.5.4 - which looks at the gateway 10.61.5.1, which, in turn, looks at the Y and Z networks, and also the
second IP 10.61.5.6 - which looks into the local network X.
How can I make packets go from network X through Mikrotik to networks Y, Z and back without changing the destination/source IP?
UPD: Added a diagram.
b6bd73ae905447f39148eb2a8d57aa51.gif
And export configuration

/ip firewall filter
add chain=input comment="default configuration" protocol=icmp
add chain=input comment="default configuration" connection-state=established,related
add action=drop chain=input comment="default configuration" in-interface=ether1-gateway
add action=fasttrack-connection chain=forward comment="default configuration" connection-state=established,related
add chain=forward comment="default configuration" connection-state=established,related
add action=drop chain=forward comment="default configuration" connection-state=invalid
add action=drop chain=forward comment="default configuration" connection-nat-state=!dstnat connection-state=new in-interface=ether1-gateway

/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration" out-interface=ether1-gateway

/ip route
add distance=1 gateway=10.61.5.1

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Report
A
alegzz, 2016-03-26
@Rid-lin

if 10.61.5.0/24, then how does 10.61.5.1 understand that it is necessary to send packets to the 10.61.5.0/24 network via Mikrotik, and not directly?

Report
M
Maxim Moseychuk, 2016-03-25
@fshp

1) Allow the necessary chains in the firewall (by default, a lot of things are blocked there).
2) Set up routes.

Report
N
nimbo, 2016-03-25
@nimbo

routing w

Report
A
Azazel PW, 2016-03-25
@azazelpw

Yes, my friend, you are a noble masochist, then you will get confused in these shit when an accident happens.
Bring Mikrotik and connected devices to another subnet, set the gateway to 10.61.5.1.

Report
G
gaid78, 2016-04-06
@gaid78

And if you combine two ports into a bridge and tell the bridge to work in dumb switch mode....

Similar questions
W
Wyrierit2020-03-03 16:49:31
Miracast does not work in my case. Can work with Honor 8? 1Reply
D
DVoropaev2017-10-19 00:24:25
Why does WEP (WiFi) need an initialization vector? 3Reply
R
RoffDaniel2020-03-05 00:40:03
How to share external IPs over LAN? 6Reply
R
Roooooooooom2020-03-05 12:36:57
How to limit the operation of a PC (or console) in time and introduce acquiring into this process? 1Reply
D
DVoropaev2017-10-21 18:51:04
How to setup static ip connection between router and linux? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question