Is the VLAN in a VRF? Table route rules? Inbound route to second IP? (As in traffic definitely getting to this router?) Also correct table for other rules? (Could there be an input or output rule blocking or not allowing traffic with that IP? Often I find doing a no interface capture for the private and public IP’s can be helpful as you will capture 3x each packet as it comes in, goes through internal, and goes out the other side. So if it’s a firewall rule dropping it in a chain in the middle you would see which packet does it disappear from. Others may have better ideas. Regards Alexander Alexander Neilson Neilson Productions Limited 021 329 681 alexander@neilson.net.nz
On 2/12/2021, at 16:06, Christopher Hawker <email@chrishawker.com.au> wrote:
Hey folks,
I’m currently working with a CCR1009 and a Cisco switching stack. We have 4 VLANs on the network, and if a device is configured on a VLAN it can ping its gateway, however cannot access the internet if a source NAT rule is configured using a specific public IP. If it is configured as a masquerade, it works using the primary IP for outbound NAT.
What could I be missing?
Thanks, CH
Sent from my iPhone _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au