Pekny den panove, nedari se mi rozchodit nasledujici:
Mam na WAN rozhrani od ISP dve ip ze stejneho subnetu napr.: 188.65.X.2 a 188.65.X.3 Vnitrni sit ma rozsah 192.168.10.0/24 ja potrebuju z tohotu subnetu nekolik IP adres neprekladat na 188.65.X.2 ale na 188.65.X.3. Tzn. cca 5ip adres pres prvni a zbytek src-nat za druhou.
na wan rozhrani mam:
/ip address
add address=188.65.X.2/29 interface=wan network=188.65.X.0
add address=188.65.X.3/29 interface=wan network=188.65.X.0
Pridal jsem si do firewallu mangle pravidlo do preroutingu:
/ip firewall mangle
add action=mark-routing chain=prerouting connection-state=new new-connection-mark=MarkRouting1 passthrough=no \
src-address=192.168.10.135 in-interface=br1
/ip firewall mangle
add action=mark-routing chain=prerouting connection-state=new new-connection-mark=MarkRouting1 passthrough=no \
src-address=192.168.10.136 in-interface=br1
....
/ip firewall nat
add action=src-nat chain=srcnat out-interface=wan connection-mark=MarkRouting1 out-interface=wan to-addresses=188.65.X.2
/ip firewall nat
add action=src-nat chain=srcnat out-interface=wan connection-mark=!MarkRouting1 to-addresses=188.65.X.3
Pravidlo pro oznacovani funguje a oznacuje, ale preklad nejde.
