Answer the question
In order to leave comments, you need to log in
RouterOS (Mikrotik) - DST-NAT based on Destination host name (website name)
Good afternoon!
I wanted to know - is it really possible to make Mikrotik do dst-nat on one IP inside the LAN when requesting one.domain.com, and do dst-nat on another IP when requesting two.domain.com?
Given that, in fact, one and two refer to one external IP?
In short, you can do this with Apache or TMG ... Is it possible to implement it on RouterOS?
Thanks in advance!
Answer the question
In order to leave comments, you need to log in
Duc, as it were, Apache is not quite on the topic.
And NAT is L3, not L7.
There are no domains.
But!
As an option.
In the L7 firewall (in Winbox) we draw the regexp, in the firewall we mark the packet that matches the given expression, and in NATe we draw the rule.
But I'm not entirely sure it will work.
Option on the mountain: make a Virtual Ethernet interface (vif *), then hang an IP address on it, create a static DNS record of the required name on the IP address of the vif interface, and from it do dst-nat in the direction you need. Repeat for all DNS names that require wrapping inside the local network.
It's all thinking out loud; combat verification required.
PS: to be honest, this is a very good question, because I had a similar situation a while ago, but I could not solve it then. Well, I'll try to do something similar myself. Plus to you in karma! :)
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question