Network IP Settings
WAN: IP Address 192.168.11.2
Gateway 192.168.11.1 (DSL Modem IP)
LAN: IP Address 192.168.0.1
LAN2: IP Address 192.168.100.2
Squid Proxy 192.168.100.1 (Squid Server IP)
What is LIVE-IP and where we need this,
1st) If you have more than one Internet IP or IP-Pool (your ISP assigns you 2 IPs one you used in server WAN and one you have spare) or you want to use that internet IP into your internal network
2nd) if your main Server/Modem behind Mikrotik or NAT or you want to direct access to main server with your own Clint-Side IP, without NAT
(Example, Clint-IP 192.168.0.200 is a NAT IP or we need to access Modem/Squid (Both of behind a Mikrotik or no any Direct Access without NAT) but we need to Access without NAT (like direct hit with IP 192.168.0.200 to squid or squid can also communicate with 192.168.0.200 or we can ping on both sides to each others)
Setup
Do not use masquerade rule (IP/Firewall/NAT)for srcnat 192.168.0.200, or if you alredy use masquerade rule for 192.168.0.200 you need to disable this rule,
Create a mangle rule in Firewall with new routing mark live (live is name of routing mark, you can use XYZ)
When 192.168.0.200 send any request to Mikrotik, then Mikrotik add routing mark live with this requist
Add a Route in IP/Route for mangle-live (with mark live)
When 192.168.0.200 send request with routing mark live then Mikrotik route that request with original ID (192.168.0.200) to Gateway 192.168.100.1, (Gateway witch you chose)
No comments:
Post a Comment