NAT lab: R1

1. # Config of R1 in NAT lab
2. # Management in EVE-NG:
3. /system identity
4. set name=R1-SSTP-client
5. /tool romon
6. set enabled=yes
7.  
8. # Addresses and routes:
9. /ip address
10. add address=10.1.0.2/30 interface=ether1
11. add address=192.168.1.1/24 interface=ether3
12. /ip route
13. add gateway=10.1.0.1
14.  
15. # DHCP-Server:
16. /ip pool
17. add name=dhcp_pool0 ranges=192.168.1.2-192.168.1.254
18. /ip dhcp-server
19. add address-pool=dhcp_pool0 disabled=no interface=ether3 name=dhcp1
20. /ip dhcp-server network
21. add address=192.168.1.0/24 gateway=192.168.1.1
22.  
23. # NAT
24. /ip firewall nat
25. add action=src-nat chain=srcnat dst-address=10.1.0.6 dst-port=443 protocol=tcp src-address-type=local to-ports=65432 comment="NAT SSTP"
26. add action=masquerade chain=srcnat out-interface=ether2
27.  
28. # SSTP-client
29. /interface sstp-client
30. add connect-to=10.1.0.6 disabled=no name=sstp-out1 profile=default-encryption user=ppp1
31.  
32. # Disable unused services
33. /ip service
34. set telnet disabled=yes
35. set ftp disabled=yes
36. set www disabled=yes
37. set ssh disabled=yes
38. set api disabled=yes
39. set api-ssl disabled=yes