是这样,
我有个RB750Gr3,
架构大概如下,
https://imgur.com/PMakKy6
我希望手机在内网,
可以透过 my_domain_B 连回NAS,
可是摸了好几天还是不会弄,
请求协助。
/ip firewall address-list
add address=192.168.1.0/24 list=LAN_IP
add address=my_domain_A list=WAN_IP
add address=my_domain_B list=NEXTCLOUD_WAN_IP
/ip firewall mangle
add action=mark-connection chain=input in-interface=pppoe-out1 \
new-connection-mark=pppoe1_conn passthrough=yes
add action=mark-routing chain=output connection-mark=pppoe1_conn \
new-routing-mark=normal_wan passthrough=yes
add action=mark-connection chain=input in-interface=pppoe-out2 \
new-connection-mark=pppoe2_conn passthrough=yes
add action=mark-routing chain=output connection-mark=pppoe2_conn \
new-routing-mark=nextcloud_wan passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat comment="HAIRPIN NAT" dst-address=\
192.168.1.0/24 src-address=192.168.1.0/24
add action=masquerade chain=srcnat comment="Local to WAN" out-interface-list=\
WAN
add action=masquerade chain=srcnat comment="Local to LAN" disabled=yes \
out-interface-list=LAN
add action=dst-nat chain=dstnat comment="IP CAM_WANin" dst-address-list=\
WAN_IP dst-port=9999 protocol=tcp to-addresses=192.168.1.7 to-ports=8888
add action=dst-nat chain=dstnat comment=NextCloud_WANin dst-address-list=\
NEXTCLOUD_WAN_IP dst-port=80 protocol=tcp to-addresses=192.168.1.12 \
to-ports=80
add action=dst-nat chain=dstnat dst-address-list=NEXTCLOUD_WAN_IP dst-port=\
443 protocol=tcp to-addresses=192.168.1.12 to-ports=443
/ip route
add distance=1 gateway=pppoe-out1 routing-mark=normal_wan
add distance=1 gateway=pppoe-out2 routing-mark=nextcloud_wan
add distance=1 gateway=pppoe-out1
add distance=2 gateway=pppoe-out2
/ip route rule
add src-address=192.168.1.12/32 table=nextcloud_wan
/interface pppoe-client
add disabled=no interface=ether1 name=pppoe-out1 password=USRPWD1 \
use-peer-dns=yes user=USER1
add disabled=no interface=ether1 name=pppoe-out2 password=USRPWD2 \
use-peer-dns=yes user=USER2