Masquerade from WLAN to LAN in router mode

Hi, could Cambium create a src-nat rule so that all traffic coming from the management interface (vlan over wlan1) is masked to an internal computer that has no gateway?

The network diagram would be:

ePMP2000 <-> SM (F130 / Mikrotik) <-> AP-LAN (client house)

The SM has an IP in its pppoe and a management interface on a vlan. On the ethernet, it has ip 192.168.0.254. The wireless AP in the client's house has the IP 192.168.0.1 but this equipment I can not put a gateway and if I try to enter, through port forwarding, I can not because the IP that reaches that AP is not from its LAN and does not have gateway ... communication is not established.

When you Elevatethe Mikrotik antenna, the src-nat to the internal router stops working. I would not like to put a new router in the client's house or else the cost of Elevating the equipment goes up.

Thanks.

Hi,

0. ePMP doesn't have wlan1

1. What is AP-LAN device?

2. On which device do you setup port forwarding?

3. It will help if you share the tech support dump from F130, because I am not sure if I understood what you are actually configuring. Especially the following part:

>The wireless AP in the client's house has the IP 192.168.0.1 but this equipment I can not put a gateway and if I try to enter  through port forwarding, I can not because the IP that reaches that AP is not from its LAN and does not have gateway ... communication is not established.

Thanks,

Dmitry

Hi Dmitry,

0. I mean wireless interface of device. Wlan, wlan1, wireless lan, radio, I don't know how you name it.

1. AP-LAN = Access Point in Local Area Network. Access Point in client home. This is a Tenda AP with only IP address, without gateway.

2. Port Forwarding was configured on Mikrotik before Elevate... after that, this port forwarding (nat-port...?) in this same Mikrotik with Cambium firmware dosen't works...

Now?

Thank you,

Can you provide configuration from the SM? I am sorry but it is still not clear what you actually configure.

Dmitry

ok,

MiPc (ip:192.168.1.2 - gw:1.1) -->    1.1-(Router)-2.1 -->   2.2(ePMP200) --))))) 2.3-(SM-NAT Mode)-0.254----0.1(AP at home)

Mi Pc try to connect to 192.168.2.3:2280 that is forwarding to 192.168.0.1:80, but this access point can not has gateway and the source ip in packet is 192.168.2.1, it dosen´t his subnet (192.168.0.0/24) and without gateway it can not response. I need in SM config a rule for all traffic to 192.168.0.1 set ip source 192.168.0.254, this ip address is in his domain and is reacheable for the AP and the conecction will be stablished.

Is a simple masquerade for that destination.

Thanks a lot.

On the attached screenshots I can see tha SM has the following IP addresses:

Wireless 10.225.1.15

Ethernet 192.168.0.254

Separate Management 10.107.141.226

So I am not sure what device has 192.168.2.3. Also "IP Port forwarding" is actually a DNAT with the source policy route rule. Let us check that it actually works on our side.

Dmitry

Dmitry, it was a example. I am trying to explain you what I want to do.

Wireless 10.225.1.15

Ethernet 192.168.0.254

Separate Management 10.107.141.226

I will try with the real data.
My PC tries to connect to 10.107.141.226:2280. The antenna forwards traffic to 192.168.0.1:80. The connection is never established. The source IP, suppose, that arrives is in the range 10.107.141.x and the AP (0.1) does not have a gateway to send to that destination that is not directly connected.

Finally I have seen that this access point (Tenda) has a "Mode AP", with that, it does a dhcp request and get a ip and gateway. that resolve the problem.