Mikrotik Configuration for NAT

Network Address Translation or more commonly referred to as NAT is a method to connect more than one computer to the Internet network using a single IP address. Much use of this method due to the limited availability of IP addresses, the need for safety (security), and the ease and flexibility in network administration.

Currently, the widely used IP protocol is IP version 4 (IPv4). With a length of 4 bytes address means that there are 2 to the power 32 = 4,294,967,296 IP addresses available. This amount is theoretically the number of computers that can directly connect to the internet. Because of this limitation most of the ISPs (Internet Service Provider) will only allocate one address for one user and this address is dynamic, meaning that a given IP address will be different each time the user connects to the internet. This would make it difficult for businesses to lower middle class. On the one hand they need a lot of computers that are connected to the internet, but on the other hand only one IP address available, which means there is only one computer that can connect to the internet. This can be overcome by the NAT method. With a NAT gateway running on one computer, an IP address can be shared with several other computers and they can connect to the internet simultaneously.



Suppose we want to hide the local network / LAN 192.168.0.0/24 202.51.192.42 behind one IP address provided by ISP, which we use is a feature of Mikrotik source network address translation (masquerading). Masquerading changes the data packets from the IP address and port from network 192.168.0.0/24 to 202.51.192.42 to be next to the global Internet network.

To use masquerading, source NAT rule with action 'masquerade' should be added to the firewall configuration:
[admin@ MikroTik]> / ip firewall nat add chain = srcnat action = masquerade out-interface = public

0 Comment:

Post a Comment