Saturday, August 4, 2012

My Mistake #1: Doing Double NAT

Doing Double NAT. Please don't do this in your MikroTik router. It will make your internet connection more slower, because your router do same job twice for every connection.
Solutions are:

- Please do NAT only in your public or local interface. Don't masquerade both of them. the command is:
/ip firewall nat add chain=src-nat out-interface=(your-public-ethernet) action=masquerade
- Remove any automatic masquerade generated by hotspot configuration
- Only 1 NAT with masquerade action in firewall
- If you have more than one public interface to internet, do NAT for every output interface, do not NAT your local interface again or your IP class.
Posted by at
Labels: , , , , , ,

1 comment:

  1. nominetDecember 4, 2012 at 7:18 AM

    Salaam, brother I'm newbie to MikroTik. I need help in disabling NAT from hotspot.

    On my network I have load balancing and hotspot on separate routers, which leads to double NATTING.

    Could you please explain me on how to disable NAT from hotspot. At the moment I'm using following script

    chain=srcnat action=masquerade to-addresses=0.0.0.0 src-address=172.16.1.0/24

    Could you please give me a script to replace this rule.

    Thanks

    ReplyDelete

Subscribe to: Post Comments (Atom)