Routeros netmap6/26/2023 ![]() This is by no means a solution, & the OP should get public IP space (either ipv4 or ipv6) to comply with the LAW. To combat with this IPV4 exhausting issue, we can use CGNAT as a workaround. In terms of RouterOS functionality it’s simple SRC NAT rule. CG-NAT as Workaround:ĬGNAT concept is used to share one or preferably more public IP addresses with large number of private ip addresses on ratio basis.CGNAT/NAT444 is a conception, not a function. With single public IP and hundreds of natted hosts behind it. nowadays law sometimes provide only the public ip along with source port and ask for the user credentials details for investigation purposes. This NATTING workaround is creating hurdles in tracking illegal activity performed by any NATTED users because hundreds of NATTED user will have same public ip (Mikrotik WAN IP). We all know that IPV4 shortage is on peak, getting ipv4 is expensive for 3rd world countries & small ISP’s as well. After the network upgrades, OP have reached 700 users in total, and since he have only 256 public ip’s, he is now using natting for half of his users. On Mikrotik, one public IP is configured for WAN and additional /24 routed pool (256 public IP addresses) is provided to the OP via ISP so that he can provide public IP to each user. Mikrotik Router is being used as PPPoE Server along with Freeradius as AAA. OP is running mini ISP with around 200 active subscribers. However – I do my best, learn from my mistakes and try to help others I make mistakes just like everybody else. So, please don’t hold me/my-postings to be always 100 percent correct. And, If I don’t know something then I read & learn all about it. So I am not speaking/posting about stuff I am formerly trained in, I pretty much go with experience and what I have learned on my own. When you are enslaved by private job & working as one man army, you have to perform many task in which you are not formally trained for. However I have worked with some networks and I read, research & try stuff all of the time. ![]() My humble request, Kindly donot consider me as an expert on this stuff, I am NOT certified in anything Mikrotik/Cisco/Linux or Windows. I would like to be able to paste these lists into a simple executable windows program and have it output in ascii text form a script ready to paste into the CLI interface of the mikrotik router.Incomplete Post, this contains only src-nat part, second method of NETMAP will be added soon which is far more simple & efficient as compared to the src-nat method ![]() There several hundred in total I would like to be able to enter from 1 set of data at least 100 sets at one time. I would have a list of customer numbers, customer IP address and new static public IP to-addresses=Īdd action=netmap chain=dstnat comment="CustomerNumber" dst-address= The 'srcnat and 'dstnat' scripts for each customer should be together, not all srcnat then all dstnats for example.Įxample of output required for each set of customer dataĪdd action=netmap chain=srcnat comment="CustomerNumber" src-address= txt file ready to be copied & pasted it into the router command line interface. I need a script generator to write two Mikrotik NAT rules in the following format for each set of customer data, and save the output as a.
0 Comments
Leave a Reply. |