RouterOS (Mikrotik) - DST-NAT based on Destination host name (website name)

P

pportnoy2013-10-10 23:40:51

Mikrotik

pportnoy, 2013-10-10 23:40:51

Good afternoon!

I wanted to know - is it really possible to make Mikrotik do dst-nat on one IP inside the LAN when requesting one.domain.com, and do dst-nat on another IP when requesting two.domain.com?
Given that, in fact, one and two refer to one external IP?

In short, you can do this with Apache or TMG ... Is it possible to implement it on RouterOS?

Thanks in advance!

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

N

Nadz Goldman, 2013-10-10
@nadz

Duc, as it were, Apache is not quite on the topic.
And NAT is L3, not L7.
There are no domains.
But!
As an option.
In the L7 firewall (in Winbox) we draw the regexp, in the firewall we mark the packet that matches the given expression, and in NATe we draw the rule.
But I'm not entirely sure it will work.

K

KrD, 2013-10-11
@KrD

Option on the mountain: make a Virtual Ethernet interface (vif *), then hang an IP address on it, create a static DNS record of the required name on the IP address of the vif interface, and from it do dst-nat in the direction you need. Repeat for all DNS names that require wrapping inside the local network.
It's all thinking out loud; combat verification required.
PS: to be honest, this is a very good question, because I had a similar situation a while ago, but I could not solve it then. Well, I'll try to do something similar myself. Plus to you in karma! :)