subscribe to our Youtube


12015 questions

14299 answers


35961 members

+1 vote
370 views 3 comments
Hi all,

I have a RUTX08, WAN network is and LAN is .

In LAN I have a host that does not have the default gateway configured. I want to access that device from WAN using as a NAT address. RUTX08 should answer ARP requests for in WAN and redirect traffic to LAN host It should also have masquerading so that host sees the traffic coming from RUTX08's address, not from (because of the missing gateway on the host). Returning traffic in WAN should also have as source because hosts in are not aware of network and RUTX08 is not the default gateway in either networks.

So my question is, what iptables rules should I define in the Custom rules section of RUTX08 config? I tried netmap and snat/dnat but didn't succeed, probably missing something.

Thanks in advance!

1 Answer

+1 vote
Ok I was able to resolve this.

I had forgotten to add a sub-interface to WAN (eth1). I added this to System --> Custom scripts:

ifconfig eth1:1 netmask broadcast

Then I added this to Network -> Firewall -> Custom rules:

iptables -t nat -I PREROUTING -d -j DNAT --to-destination

I also turned on Masquerading for both interfaces in Firewall -> General settings.

Everything's working now. It's also easy to add more NAT addresses by replicating above commands, mutatis mutandis.
Best answer
Can you help me using a images whit a step to step?

thanks in advance
I have tried to do this, replicating the example that they explain but I still cannot do the 1:1 NAT, The purpose is that the equipment that has IP in the LAN, can ping it through the IP in the WAN

This is the images of configuration of rutx08 , maybe I'm missing some steps could you help me complete them