How to link public addresses (real ip) to private ip or lan ip
•
1 j'aime•872 vues
The document provides instructions for configuring Network Address Translation (NAT) on a router to link private IP addresses on a local area network to public IP addresses. It describes adding two public IP addresses and a private address to the router's interfaces, setting a default route specifying one public address, creating a destination NAT rule to access an internal server via a public address, and source NAT rules to translate the internal server's address and other hosts' addresses to the public addresses.
![Prepared by wichets@e-spacecorp.net ● E-SPACE TECHNOLOGIES CORPORATION ● Tel.0898821501 pg. 15 of 31
How To Link Public addresses to Local ones
Using Network Address Translation (NAT), private IP addresses on LAN are replaced by public IP addresses. This
lets computers on LAN share public IP addresses.
Let us assume two addresses (10.0.0.216 and 10.0.0.217) are assigned to the router. In this example we will 'full
NAT' the internal address 192.168.0.4 to the external 10.0.0.216 one while keeping 10.0.0.217 for the router itself
as well as for masquerading the internal network. To setup the router follow the steps listed below.
1. Add 10.0.0.216/24 and 10.0.0.217/24 addresses to the router's Public interface and 192.168.0.254/24 to the
router's Local interface:
[admin@MikroTik] ip address> add address=10.0.0.216/24 interface=Public
[admin@MikroTik] ip address> add address=10.0.0.217/24 interface=Public
[admin@MikroTik] ip address> add address=192.168.0.254/24 interface=Local](https://image.slidesharecdn.com/howtolinkpublicaddressesrealiptoprivateiporlanip-140819201917-phpapp01/85/How-to-link-public-addresses-real-ip-to-private-ip-or-lan-ip-1-320.jpg)
![Prepared by wichets@e-spacecorp.net ● E-SPACE TECHNOLOGIES CORPORATION ● Tel.0898821501 pg. 16 of 31
2. Add the default route to the router, but be aware of having two addresses. You should specify the address that
the router will be using while talking to the outer networks:
[admin@MikroTik] ip route> add gateway=10.0.0.1 prefsrc=10.0.0.217
3. Add DST-NAT rule allowing access to the internal server from external networks:
[admin@MikroTik] ip firewall nat> add action=dst-nat chain=dstnat
dst-address=10.0.0.216/32 to-addresses=192.168.0.4
4. To add SRC-NAT rules allowing the internal server to talk to the outer networks having its source address
translated to 10.0.0.216, while translating other internal hosts' source addresses to 10.0.0.217:
[admin@MikroTik] ip firewall nat> add action=src-nat chain=srcnat
src-address=192.168.0.4/32 to-addresses=10.0.0.216
[admin@MikroTik] ip firewall nat> add action=src-nat chain=srcnat
src-address=192.168.0.0/24 to-addresses=10.0.0.217](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
Recommandé
Contenu connexe
Tendances
Tendances (20)
En vedette
Similaire à How to link public addresses (real ip) to private ip or lan ip
Similaire à How to link public addresses (real ip) to private ip or lan ip (20)
Plus de Tũi Wichets
Plus de Tũi Wichets (20)
Dernier
Dernier (20)
How to link public addresses (real ip) to private ip or lan ip
- 1. Prepared by wichets@e-spacecorp.net ● E-SPACE TECHNOLOGIES CORPORATION ● Tel.0898821501 pg. 15 of 31 How To Link Public addresses to Local ones Using Network Address Translation (NAT), private IP addresses on LAN are replaced by public IP addresses. This lets computers on LAN share public IP addresses. Let us assume two addresses (10.0.0.216 and 10.0.0.217) are assigned to the router. In this example we will 'full NAT' the internal address 192.168.0.4 to the external 10.0.0.216 one while keeping 10.0.0.217 for the router itself as well as for masquerading the internal network. To setup the router follow the steps listed below. 1. Add 10.0.0.216/24 and 10.0.0.217/24 addresses to the router's Public interface and 192.168.0.254/24 to the router's Local interface: [admin@MikroTik] ip address> add address=10.0.0.216/24 interface=Public [admin@MikroTik] ip address> add address=10.0.0.217/24 interface=Public [admin@MikroTik] ip address> add address=192.168.0.254/24 interface=Local
- 2. Prepared by wichets@e-spacecorp.net ● E-SPACE TECHNOLOGIES CORPORATION ● Tel.0898821501 pg. 16 of 31 2. Add the default route to the router, but be aware of having two addresses. You should specify the address that the router will be using while talking to the outer networks: [admin@MikroTik] ip route> add gateway=10.0.0.1 prefsrc=10.0.0.217 3. Add DST-NAT rule allowing access to the internal server from external networks: [admin@MikroTik] ip firewall nat> add action=dst-nat chain=dstnat dst-address=10.0.0.216/32 to-addresses=192.168.0.4 4. To add SRC-NAT rules allowing the internal server to talk to the outer networks having its source address translated to 10.0.0.216, while translating other internal hosts' source addresses to 10.0.0.217: [admin@MikroTik] ip firewall nat> add action=src-nat chain=srcnat src-address=192.168.0.4/32 to-addresses=10.0.0.216 [admin@MikroTik] ip firewall nat> add action=src-nat chain=srcnat src-address=192.168.0.0/24 to-addresses=10.0.0.217