Community discussions

MikroTik App
  4. RouterOS
  5. Forwarding Protocols

Access Multiple Devices with Same IP Address

Post Reply
 
thefear
just joined
Topic Author
Posts: 23
Joined: Wed Jan 18, 2017 1:40 am

Access Multiple Devices with Same IP Address

Sat Mar 04, 2017 11:34 pm

Hi,

I want to access several devices connected to Mikrotik at the same time. The problem is device IP address cannot be changed and gateway cannot be set.
I think this can be done only with routing. I don't know how to configure it. Please help me. Plan is attached.
To connect to these devices is used Windows application and the port(s) for communication with the computer is unknown. This means that all ports must be forwarded.

Thanks in advance.
You do not have the required permissions to view the files attached to this post.
Top
 
jarda
Forum Guru
Forum Guru
Posts: 7756
Joined: Mon Oct 22, 2012 4:46 pm

Re: Access Multiple Devices with Same IP Address

Sun Mar 05, 2017 3:22 am

You will need to use the metarouter most probably or vrf maybe. May happen that nothing will help you if the application looks for fixed ip only. Rather convince the devices to be able to accept address configuration change or use normally working network devices instead.
Top
 
Sob
Forum Guru
Forum Guru
Posts: 9121
Joined: Mon Apr 20, 2009 9:11 pm

Re: Access Multiple Devices with Same IP Address

Sun Mar 05, 2017 4:03 am

It should be doable with NAT and some tricks. Obviously you can't just connect to 192.168.1.1, because router would not know which one you mean. So you'd need some "virtual" addresses and dstnat from them (your Windows application must be able to use different address, otherwise you have no chance). Each device would have to be connected to dedicated port, with a manual route in different routing table for each, and you'd have to mark routing depending on original target address. Finally, if those devices don't have any default gateway, a srcnat rule would be required to make your connections appear to come from same subnet.
Top
 
thefear
just joined
Topic Author
Posts: 23
Joined: Wed Jan 18, 2017 1:40 am

Re: Access Multiple Devices with Same IP Address

Sun Mar 05, 2017 2:12 pm

It should be doable with NAT and some tricks. Obviously you can't just connect to 192.168.1.1, because router would not know which one you mean. So you'd need some "virtual" addresses and dstnat from them (your Windows application must be able to use different address, otherwise you have no chance). Each device would have to be connected to dedicated port, with a manual route in different routing table for each, and you'd have to mark routing depending on original target address. Finally, if those devices don't have any default gateway, a srcnat rule would be required to make your connections appear to come from same subnet.
I tried to do what you said, but maybe I'm wrong somewhere. This is the code:
Code: Select all
/interface ethernet
set [ find default-name=ether1 ] name=ETH-1
set [ find default-name=ether2 ] name=ETH-2
set [ find default-name=ether3 ] name=ETH-3
set [ find default-name=ether4 ] name=ETH-4
/interface bridge
add name=bridge1
add name=bridge2
add name=bridge3
add name=bridge4
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \
    disabled=no distance=indoors frequency=auto mode=ap-bridge name=WLAN ssid=\
    MikroTik wireless-protocol=802.11
/ip neighbor discovery
set ETH-1 discover=no
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=default-dhcp disabled=no interface=bridge name=defconf
/interface bridge port
add bridge=bridge2 interface=ETH-2
add bridge=bridge interface=WLAN
add bridge=bridge1 interface=ETH-1
add bridge=bridge3 interface=ETH-3
add bridge=bridge4 interface=ETH-4
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
    192.168.88.0
add address=192.168.0.101/24 interface=bridge1 network=192.168.0.0
add address=192.168.0.102/24 interface=bridge2 network=192.168.0.0
add address=192.168.0.103/24 interface=bridge3 network=192.168.0.0
add address=192.168.0.104/24 interface=bridge4 network=192.168.0.0
add address=192.168.1.2/24 interface=bridge1 network=192.168.1.0
add address=192.168.1.2/24 interface=bridge2 network=192.168.1.0
add address=192.168.1.2/24 interface=bridge3 network=192.168.1.0
add address=192.168.1.2/24 interface=bridge4 network=192.168.1.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=ETH-1
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 name=router
/ip firewall filter
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept established,related" \
    connection-state=established,related
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related" \
    connection-state=established,related
/ip firewall mangle
add action=mark-routing chain=prerouting dst-address=192.168.0.101 \
    new-routing-mark=rm1 passthrough=yes
add action=mark-routing chain=prerouting dst-address=192.168.0.102 \
    new-routing-mark=rm2 passthrough=yes
add action=mark-routing chain=prerouting dst-address=192.168.0.103 \
    new-routing-mark=rm3 passthrough=yes
add action=mark-routing chain=prerouting dst-address=192.168.0.104 \
    new-routing-mark=rm4 passthrough=yes
/ip firewall nat
add action=dst-nat chain=dstnat dst-address=192.168.0.101 routing-mark=rm1 \
    to-addresses=192.168.1.1
add action=dst-nat chain=dstnat dst-address=192.168.0.102 log=yes routing-mark=\
    rm2 to-addresses=192.168.1.1
add action=dst-nat chain=dstnat dst-address=192.168.0.103 routing-mark=rm3 \
    to-addresses=192.168.1.1
add action=dst-nat chain=dstnat dst-address=192.168.0.104 routing-mark=rm4 \
    to-addresses=192.168.1.1
/ip route
add distance=1 dst-address=192.168.0.101/32 gateway=bridge1 routing-mark=rm1
add distance=1 dst-address=192.168.0.102/32 gateway=bridge2 routing-mark=rm2
add distance=1 dst-address=192.168.0.103/32 gateway=bridge3 routing-mark=rm3
add distance=1 dst-address=192.168.0.104/32 gateway=bridge4 routing-mark=rm4
Top
 
Sob
Forum Guru
Forum Guru
Posts: 9121
Joined: Mon Apr 20, 2009 9:11 pm

Re: Access Multiple Devices with Same IP Address

Sun Mar 05, 2017 3:19 pm

Check this thread, it has working solution for same problem. Just skip tcp/80 condition in dstnat to make it work for all traffic.
Top
 
User avatar
shaoranrch
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Feb 13, 2014 8:03 pm

Re: Access Multiple Devices with Same IP Address

Sun Mar 05, 2017 7:09 pm

Hi,

I want to access several devices connected to Mikrotik at the same time. The problem is device IP address cannot be changed and gateway cannot be set.
I think this can be done only with routing. I don't know how to configure it. Please help me. Plan is attached.
To connect to these devices is used Windows application and the port(s) for communication with the computer is unknown. This means that all ports must be forwarded.

Thanks in advance.

The following will work (I tested this already)
Code: Select all
/ip address
add address=172.16.0.1/24 interface=ether8 network=172.16.0.0
add address=192.168.1.100/24 interface=ether1 network=192.168.1.0
add address=192.168.1.101/24 interface=ether2 network=192.168.1.0
add address=192.168.1.102/24 interface=ether3 network=192.168.1.0
add address=192.168.1.103/24 interface=ether4 network=192.168.1.0

/ip firewall address-list
add address=10.0.0.1 list=translate-to-dev
add address=10.0.0.2 list=translate-to-dev
add address=10.0.0.3 list=translate-to-dev
add address=10.0.0.4 list=translate-to-dev

/ip firewall mangle
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address=10.0.0.1 \
    new-connection-mark=dev01 passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address=10.0.0.2 \
    new-connection-mark=dev02 passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address=10.0.0.3 \
    new-connection-mark=dev03 passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address=10.0.0.4 \
    new-connection-mark=dev04 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=dev01 new-routing-mark=dev01 passthrough=no
add action=mark-routing chain=prerouting connection-mark=dev02 new-routing-mark=dev02 passthrough=no
add action=mark-routing chain=prerouting connection-mark=dev03 new-routing-mark=dev03 passthrough=no
add action=mark-routing chain=prerouting connection-mark=dev04 new-routing-mark=dev04 passthrough=no

/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
add action=masquerade chain=srcnat out-interface=ether2
add action=masquerade chain=srcnat out-interface=ether3
add action=masquerade chain=srcnat out-interface=ether4
add action=dst-nat chain=dstnat dst-address-list=translate-to-dev to-addresses=192.168.1.1

/ip route
add distance=1 dst-address=192.168.1.0/24 gateway=ether1 routing-mark=dev01
add distance=1 dst-address=192.168.1.0/24 gateway=ether2 routing-mark=dev02
add distance=1 dst-address=192.168.1.0/24 gateway=ether3 routing-mark=dev03
add distance=1 dst-address=192.168.1.0/24 gateway=ether4 routing-mark=dev04
Assuming ether8 is the connection to your computer (network 172.16.0.0/24), this code basically does the following:

(assuming we want to connect to device-01 in your diagram, which on this configuration is assumed to be on ether1)

1.- First marks the connection based on its destination, since we want to connect to device 01, we need to connect using the address 10.0.0.1, once a packet reaches the router with this destination it'll basically mark the connection as "dev01"
2.- Then it marks the routing of the packet to use dev01 routing-table (this sends the packet via ether1 for destination 192.168.1.0/24)
3.- Translates destination 10.0.0.1 to 192.168.1.1
4.- Sets the source as the IP address configured on the interface (on ether1 this basically sets the source as 192.168.1.100). Thus the device doesn't even need to have a gateway configured as long its network configuration uses as network 192.168.0.0/24

This actually works due to how RouterOS processes packets, dst-nat happens after the mangle-prerouting, which allows the classification of the traffic before it's dst-nated (which happens before a routing decision as well). Check it here: https://wiki.mikrotik.com/wiki/Manual:Packet_Flow_v6

All you gotta do, is make sure traffic with destination 10.0.0.X reaches the router and it'll do the rest, in the configuration:
10.0.0.1 -> Connects to dev01
10.0.0.2 -> Connects to dev02
10.0.0.3 -> Connects to dev03
10.0.0.4 -> Connects to dev04

And this applies for any traffic actually (TCP, UDP, ICMP, etc.)
Top
 
thefear
just joined
Topic Author
Posts: 23
Joined: Wed Jan 18, 2017 1:40 am

Re: Access Multiple Devices with Same IP Address

Mon Mar 06, 2017 11:37 pm

Thanks for fast answers. It works perfect, but I need one more thing.

When try to update software or download report from device connection can not be established.
Is it possible to do this without setting device gateway?
Top
 
User avatar
shaoranrch
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Feb 13, 2014 8:03 pm

Re: Access Multiple Devices with Same IP Address

Tue Mar 07, 2017 5:26 am

Thanks for fast answers. It works perfect, but I need one more thing.

When try to update software or download report from device connection can not be established.
Is it possible to do this without setting device gateway?
Hello,

If you mean initiating the connection from the device itself, you'll need a gateway of some sort or a static route, else the device really won't know to where send the traffic to, unless you set as destination a local IP from 192.168.0.0/24 and then do some dst-nat as well.
Top
 
thefear
just joined
Topic Author
Posts: 23
Joined: Wed Jan 18, 2017 1:40 am

Re: Access Multiple Devices with Same IP Address

Fri Mar 10, 2017 4:56 pm

Hello,

If you mean initiating the connection from the device itself, you'll need a gateway of some sort or a static route, else the device really won't know to where send the traffic to, unless you set as destination a local IP from 192.168.0.0/24 and then do some dst-nat as well.
Hello,

I try what you say and it works only for reports. Software can not be loaded.
I try to see what is difference between traffic with Mikrotik and without it.
When is connected directly to the device I see that device use LLC protocol, but when I am connected to Mikrotik this traffic does not pass.

Do you have any suggestions?

Thanks in advance.
Top
 
Sob
Forum Guru
Forum Guru
Posts: 9121
Joined: Mon Apr 20, 2009 9:11 pm

Re: Access Multiple Devices with Same IP Address

Fri Mar 10, 2017 6:38 pm

I'm not familiar with LLC, but quick search says that it's layer 2 protocol. IP firewall (layer 3) won't help you with that. It would pass between ports in bridge, but if you bridge ports, I don't think you could combine it with original NAT trick.
Top
 
johnztar
just joined
Posts: 1
Joined: Mon Nov 26, 2018 2:53 pm

Re: Access Multiple Devices with Same IP Address

Mon Nov 26, 2018 5:41 pm

How did you solve this? I am having the same issue as you and I've tried @shaoranrch's suggestion but for some reason I receive a Host net unreachable(no lost packages) when pinging 10.0.0.1/10.0.0.2. Could you please post your config file, if possible? Thanks
Top
 
thefear
just joined
Topic Author
Posts: 23
Joined: Wed Jan 18, 2017 1:40 am

Re: Access Multiple Devices with Same IP Address

Fri Mar 15, 2019 12:16 am

Hello.
I don't use that anymore, but I searched for backup and today I found one.

Here you go:
Code: Select all
/interface bridge
add auto-mac=no fast-forward=no name=LAN
add fast-forward=no name="br1"
add fast-forward=no name="br2"
add fast-forward=no name="br3"
add fast-forward=no name="br4"
add fast-forward=no name=WAN
/interface ethernet
set [ find default-name=ether3 ] name=ETH-3
set [ find default-name=ether4 ] name=ETH-4
set [ find default-name=ether5 ] name=ETH-5
set [ find default-name=ether2 ] name=ETH-2
set [ find default-name=ether1 ] name=ETH-1
/ip pool
add name=dhcp_pool0 ranges=192.168.0.200-192.168.0.254
/ip dhcp-server
add address-pool=dhcp_pool0 authoritative=after-2sec-delay disabled=no \
    interface=LAN name="DHCP LAN"
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0
/interface bridge port
add bridge="br2" hw=no interface=ETH-2
add bridge="br1" hw=no interface=ETH-1
add bridge="br3" hw=no interface=ETH-3
add bridge="br4" hw=no interface=ETH-4
/ip settings
set accept-redirects=yes accept-source-route=yes
/ip address
add address=192.168.0.1/24 interface=LAN network=192.168.0.0
add address=192.168.0.11/24 interface=LAN network=192.168.0.0
add address=192.168.0.12/24 interface=LAN network=192.168.0.0
add address=192.168.0.13/24 interface=LAN network=192.168.0.0
add address=192.168.0.14/24 interface=LAN network=192.168.0.0
add address=192.168.255.11/24 interface="br1" network=\
    192.168.255.0
add address=192.168.255.12/24 interface="br2" network=\
    192.168.255.0
add address=192.168.255.13/24 interface="br3" network=\
    192.168.255.0
add address=192.168.255.14/24 interface="br4" network=\
    192.168.255.0
/ip firewall mangle
add action=mark-connection chain=prerouting dst-address=192.168.0.11 \
    new-connection-mark=port1
add action=mark-connection chain=prerouting dst-address=192.168.0.12 \
    new-connection-mark=port2
add action=mark-connection chain=prerouting dst-address=192.168.0.13 \
    new-connection-mark=port3
add action=mark-connection chain=prerouting dst-address=192.168.0.14 \
    new-connection-mark=port4
add action=mark-routing chain=prerouting connection-mark=port1 \
    new-routing-mark=port1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=port2 \
    new-routing-mark=port2 passthrough=no
add action=mark-routing chain=prerouting connection-mark=port3 \
    new-routing-mark=port3 passthrough=no
add action=mark-routing chain=prerouting connection-mark=port4 \
    new-routing-mark=port4 passthrough=no
add action=mark-connection chain=prerouting dst-address=192.168.255.12 \
    new-connection-mark=port22 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=port22 \
    new-routing-mark=port22 passthrough=no
/ip firewall nat
add action=dst-nat chain=dstnat dst-address=192.168.0.11 \
    to-addresses=192.168.255.129
add action=dst-nat chain=dstnat dst-address=192.168.0.12 to-addresses=\
    192.168.255.129
add action=dst-nat chain=dstnat dst-address=192.168.0.13 to-addresses=\
    192.168.255.129
add action=dst-nat chain=dstnat dst-address=192.168.0.14 to-addresses=\
    192.168.255.129
add action=masquerade chain=srcnat out-interface="br1"
add action=masquerade chain=srcnat out-interface="br2"
add action=masquerade chain=srcnat out-interface="br3"
add action=masquerade chain=srcnat out-interface="br4"
add action=masquerade chain=srcnat out-interface=LAN
add action=dst-nat chain=dstnat dst-address=192.168.255.12 to-addresses=\
    192.168.0.30
/ip route
add distance=1 dst-address=192.168.255.0/24 gateway="br1" \
    routing-mark=port1
add distance=1 dst-address=192.168.255.129/32 gateway="br2" \
    routing-mark=port2
add distance=1 dst-address=192.168.255.0/24 gateway="br3" \
    routing-mark=port3
add distance=1 dst-address=192.168.255.0/24 gateway="br4" \
    routing-mark=port4
add distance=1 dst-address=192.168.255.0/24 gateway=LAN routing-mark=port22
I hope that will be helpful. If you have some questions it will be hard to answer, because I don't remember everything. I use it only for 2 days, because it's a layer 3 and I need layer 2 for LLC protocol. Now layer 2 option with VLANs is perfect for me.

May be the code with port22 was just test option, but I'm not sure now.

Edit: I will start another project soon and I'll need layer3 option again. I will make new configuration which will be attached later.

BR.
Top
 
thefear
just joined
Topic Author
Posts: 23
Joined: Wed Jan 18, 2017 1:40 am

Re: Access Multiple Devices with Same IP Address

Sat Mar 23, 2019 5:57 pm

Hello.

New script below.
Code: Select all
/interface ethernet
set [ find default-name=ether1 ] name=eth1
set [ find default-name=ether2 ] name=eth2
set [ find default-name=ether3 ] name=eth3
set [ find default-name=ether4 ] name=eth4
/interface bridge
add name=LAN
add name=br1
add name=br2
add name=br3
add name=br4
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \
    disabled=no frequency=2422 hide-ssid=yes mode=ap-bridge name=wlan ssid=MT \
    wireless-protocol=802.11
add disabled=no keepalive-frames=disabled \
    master-interface=wlan multicast-buffering=disabled name=wlan-mgmt ssid=\
    mgmt wds-cost-range=0 wds-default-cost=0 wps-mode=disabled
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface bridge port
add bridge=LAN interface=wlan-mgmt
add bridge=br1 hw=no interface=eth1
add bridge=br2 hw=no interface=eth2
add bridge=br3 hw=no interface=eth3
add bridge=br4 hw=no interface=eth4
/ip settings
set accept-redirects=yes
/ip address
add address=192.168.1.1/24 interface=LAN network=192.168.1.0
add address=192.168.1.11/24 interface=LAN network=192.168.1.0
add address=192.168.1.12/24 interface=LAN network=192.168.1.0
add address=192.168.1.13/24 interface=LAN network=192.168.1.0
add address=192.168.1.14/24 interface=LAN network=192.168.1.0
add address=192.168.0.11/24 interface=br1 network=192.168.0.0
add address=192.168.0.12/24 interface=br2 network=192.168.0.0
add address=192.168.0.13/24 interface=br3 network=192.168.0.0
add address=192.168.0.14/24 interface=br4 network=192.168.0.0
/ip firewall mangle
add action=mark-connection chain=prerouting dst-address=192.168.1.11 \
    new-connection-mark=port1
add action=mark-connection chain=prerouting dst-address=192.168.1.12 \
    new-connection-mark=port2
add action=mark-connection chain=prerouting dst-address=192.168.1.13 \
    new-connection-mark=port3
add action=mark-connection chain=prerouting dst-address=192.168.1.14 \
    new-connection-mark=port4
add action=mark-routing chain=prerouting connection-mark=port1 \
    new-routing-mark=port1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=port2 \
    new-routing-mark=port2 passthrough=no
add action=mark-routing chain=prerouting connection-mark=port3 \
    new-routing-mark=port3 passthrough=no
add action=mark-routing chain=prerouting connection-mark=port4 \
    new-routing-mark=port4 passthrough=no
add action=mark-connection chain=prerouting disabled=yes dst-address=\
    192.168.0.12 new-connection-mark=port2_2 passthrough=yes
add action=mark-connection chain=prerouting disabled=yes dst-address=\
    192.168.0.11 new-connection-mark=port1_2 passthrough=yes
add action=mark-connection chain=prerouting disabled=yes dst-address=\
    192.168.0.13 new-connection-mark=port3_2 passthrough=yes
add action=mark-connection chain=prerouting disabled=yes dst-address=\
    192.168.0.14 new-connection-mark=port4_2 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=port2_2 disabled=yes \
    new-routing-mark=port2_2 passthrough=no
add action=mark-routing chain=prerouting connection-mark=port1_2 disabled=yes \
    new-routing-mark=port1_2 passthrough=no
add action=mark-routing chain=prerouting connection-mark=port3_2 disabled=yes \
    new-routing-mark=port3_2 passthrough=no
add action=mark-routing chain=prerouting connection-mark=port4_2 disabled=yes \
    new-routing-mark=port4_2 passthrough=no
/ip firewall nat
add action=dst-nat chain=dstnat dst-address=192.168.1.11 to-addresses=\
    192.168.0.100
add action=dst-nat chain=dstnat dst-address=192.168.1.12 to-addresses=\
    192.168.0.100
add action=dst-nat chain=dstnat dst-address=192.168.1.13 to-addresses=\
    192.168.0.100
add action=dst-nat chain=dstnat dst-address=192.168.1.14 to-addresses=\
    192.168.0.100
add action=masquerade chain=srcnat out-interface=br1
add action=masquerade chain=srcnat out-interface=br2
add action=masquerade chain=srcnat out-interface=br3
add action=masquerade chain=srcnat out-interface=br4
add action=masquerade chain=srcnat out-interface=LAN
add action=dst-nat chain=dstnat dst-address=192.168.0.12 to-addresses=\
    192.168.1.9
add action=dst-nat chain=dstnat dst-address=192.168.0.14 to-addresses=\
    192.168.1.9
add action=dst-nat chain=dstnat dst-address=192.168.0.11 to-addresses=\
    192.168.1.9
add action=dst-nat chain=dstnat dst-address=192.168.0.13 to-addresses=\
    192.168.1.9
/ip route
add distance=1 dst-address=192.168.0.0/24 gateway=br1 routing-mark=port1
add distance=1 dst-address=192.168.0.0/24 gateway=br2 routing-mark=port2
add distance=1 dst-address=192.168.0.0/24 gateway=br3 routing-mark=port3
add distance=1 dst-address=192.168.0.0/24 gateway=br4 routing-mark=port4
add distance=1 dst-address=192.168.0.0/24 gateway=LAN routing-mark=port2_2
add distance=1 dst-address=192.168.0.0/24 gateway=LAN routing-mark=port1_2
add distance=1 dst-address=192.168.0.0/24 gateway=LAN routing-mark=port3_2
add distance=1 dst-address=192.168.0.0/24 gateway=LAN routing-mark=port4_2
In this example PC IP address is 192.168.1.9 and the device's IP address is 192.168.0.100.

This has been created on hAP lite v6.44.1 and as you see PC has been connected to wireless ap. If you want you can change it to eth port, but in this case you lose one of the ports for devices.

BR
Top
 
nPaceTo
just joined
Posts: 2
Joined: Sat Nov 18, 2023 7:31 pm

Re: Access Multiple Devices with Same IP Address

Thu Apr 18, 2024 3:50 pm

Hi all,

Can someone help me with the configuration of the RB941? The computer should be connected via wifi to the router on which on each port will be connected equipment with IP 169.254.5.2. The PC IP should be 169.254.5.1. The idea is with different IPs (assigned to the specific port) to be able to access each device.
Code: Select all
/interface ethernet
set [ find default-name=ether1 ] name=eth1
set [ find default-name=ether2 ] name=eth2
set [ find default-name=ether3 ] name=eth3
set [ find default-name=ether4 ] name=eth4
/interface bridge
add name=LAN
add name=br1
add name=br2
add name=br3
add name=br4
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \
    disabled=no frequency=2422 hide-ssid=yes mode=ap-bridge name=wlan ssid=MT \
    wireless-protocol=802.11
add disabled=no keepalive-frames=disabled \
    master-interface=wlan multicast-buffering=disabled name=wlan-mgmt ssid=\
    mgmt wds-cost-range=0 wds-default-cost=0 wps-mode=disabled
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=Test_ver.1.1
/interface bridge port
add bridge=LAN interface=wlan-mgmt
add bridge=br1 hw=no interface=eth1
add bridge=br2 hw=no interface=eth2
add bridge=br3 hw=no interface=eth3
add bridge=br4 hw=no interface=eth4
/ip settings
set accept-redirects=yes
/ip address
add address=169.254.5.50/24 interface=LAN network=169.254.0.0
add address=169.254.5.51/24 interface=LAN network=169.254.0.0
add address=169.254.5.52/24 interface=LAN network=169.254.0.0
add address=169.254.5.53/24 interface=LAN network=169.254.0.0
add address=169.254.5.54/24 interface=LAN network=169.254.0.0
add address=169.254.5.81/24 interface=br1 network=169.254.0.0
add address=169.254.5.82/24 interface=br2 network=169.254.0.0
add address=169.254.5.83/24 interface=br3 network=169.254.0.0
add address=169.254.5.84/24 interface=br4 network=169.254.0.0
/ip firewall mangle
add action=mark-connection chain=prerouting dst-address=169.254.5.51 \
    new-connection-mark=port1
add action=mark-connection chain=prerouting dst-address=169.254.5.52 \
    new-connection-mark=port2
add action=mark-connection chain=prerouting dst-address=169.254.5.53 \
    new-connection-mark=port3
add action=mark-connection chain=prerouting dst-address=169.254.5.54 \
    new-connection-mark=port4
add action=mark-routing chain=prerouting connection-mark=port1 \
    new-routing-mark=port1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=port2 \
    new-routing-mark=port2 passthrough=no
add action=mark-routing chain=prerouting connection-mark=port3 \
    new-routing-mark=port3 passthrough=no
add action=mark-routing chain=prerouting connection-mark=port4 \
    new-routing-mark=port4 passthrough=no
add action=mark-connection chain=prerouting disabled=yes dst-address=\
    169.254.5.82 new-connection-mark=port2_2 passthrough=yes
add action=mark-connection chain=prerouting disabled=yes dst-address=\
    169.254.5.81 new-connection-mark=port1_2 passthrough=yes
add action=mark-connection chain=prerouting disabled=yes dst-address=\
    169.254.5.83 new-connection-mark=port3_2 passthrough=yes
add action=mark-connection chain=prerouting disabled=yes dst-address=\
    169.254.5.84 new-connection-mark=port4_2 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=port2_2 disabled=yes \
    new-routing-mark=port2_2 passthrough=no
add action=mark-routing chain=prerouting connection-mark=port1_2 disabled=yes \
    new-routing-mark=port1_2 passthrough=no
add action=mark-routing chain=prerouting connection-mark=port3_2 disabled=yes \
    new-routing-mark=port3_2 passthrough=no
add action=mark-routing chain=prerouting connection-mark=port4_2 disabled=yes \
    new-routing-mark=port4_2 passthrough=no
/ip firewall nat
add action=dst-nat chain=dstnat dst-address=169.254.5.51 to-addresses=\
    169.254.5.2
add action=dst-nat chain=dstnat dst-address=169.254.5.52 to-addresses=\
    169.254.5.2
add action=dst-nat chain=dstnat dst-address=169.254.5.53 to-addresses=\
    169.254.5.2
add action=dst-nat chain=dstnat dst-address=169.254.5.54 to-addresses=\
    169.254.5.2
add action=masquerade chain=srcnat out-interface=br1
add action=masquerade chain=srcnat out-interface=br2
add action=masquerade chain=srcnat out-interface=br3
add action=masquerade chain=srcnat out-interface=br4
add action=masquerade chain=srcnat out-interface=LAN
add action=dst-nat chain=dstnat dst-address=169.254.5.82 to-addresses=\
   169.254.5.1
add action=dst-nat chain=dstnat dst-address=169.254.5.84 to-addresses=\
   169.254.5.1
add action=dst-nat chain=dstnat dst-address=169.254.5.81 to-addresses=\
   169.254.5.1
add action=dst-nat chain=dstnat dst-address=169.254.5.83 to-addresses=\
   169.254.5.1
/ip route
add distance=1 dst-address=169.254.5.0/24 gateway=br1 routing-mark=port1
add distance=1 dst-address=169.254.5.0/24 gateway=br2 routing-mark=port2
add distance=1 dst-address=169.254.5.0/24 gateway=br3 routing-mark=port3
add distance=1 dst-address=169.254.5.0/24 gateway=br4 routing-mark=port4
add distance=1 dst-address=169.254.5.0/24 gateway=LAN routing-mark=port2_2
add distance=1 dst-address=169.254.5.0/24 gateway=LAN routing-mark=port1_2
add distance=1 dst-address=169.254.5.0/24 gateway=LAN routing-mark=port3_2
add distance=1 dst-address=169.254.5.0/24 gateway=LAN routing-mark=port4_2
Please don't judge me too hard , I'm a newbie here :)

Thank you !
Top
Post Reply

Who is online

Users browsing this forum: controlc and 10 guests
  4. RouterOS
  5. Forwarding Protocols