Help setting up 1:1 nat - RT-AC88u

Gouldin · Mar 6, 2017

Hi all, have recently got an AC88u. Loving being back on Merlin's firmware.

I'm trying to setup 1:1 nat on my router. I know there are JFFS scripts, but even readin the FAQ for it (Which is well documented I must add) I'm at a loss with where to start.

My Current setup is:

BT Open Reach Modem -> RT-AC88U and in DD-WRT, my script goes like so:

Code:

# Save Startup
WANIF=`get_wanface`
ifconfig $WANIF:1 82.xx.xx.129 netmask 255.255.255.248 broadcast 82.xx.xx.xx
ifconfig $WANIF:2 82.xx.xx.130 netmask 255.255.255.248 broadcast 82.xx.xx.xx
ifconfig $WANIF:3 82.xx.xx.131 netmask 255.255.255.248 broadcast 82.xx.xx.xx
ifconfig $WANIF:4 82.xx.xx.132 netmask 255.255.255.248 broadcast 82.xx.xx.xx
ifconfig $WANIF:5 82.xx.xx.133 netmask 255.255.255.248 broadcast 82.xx.xx.xx






# Save Firewall

# WAN .129 -> LAN .5 (PS4 Pro -)
iptables -t nat -I PREROUTING -d xx.xx.xxx.129 -j DNAT --to 192.168.1.5
iptables -t nat -I POSTROUTING -s 192.168.1.5 -j SNAT --to xx.xx.xxx.129
iptables -I FORWARD -d 192.168.1.5 -j ACCEPT

# WAN .130 -> LAN .6 (WiiU -)
iptables -t nat -I PREROUTING -d xx.xx.xxx.130 -j DNAT --to 192.168.1.6
iptables -t nat -I POSTROUTING -s 192.168.1.6 -j SNAT --to xx.xx.xxx.130
iptables -I FORWARD -d 192.168.1.6 -j ACCEPT

# WAN .131 -> LAN .7 (Switch -)
iptables -t nat -I PREROUTING -d xx.xx.xxx.131 -j DNAT --to 192.168.1.7
iptables -t nat -I POSTROUTING -s 192.168.1.7 -j SNAT --to xx.xx.xxx.131
iptables -I FORWARD -d 192.168.1.7 -j ACCEPT

# WAN .132 -> LAN .8 (PS4 -)
iptables -t nat -I PREROUTING -d xx.xx.xxx.132 -j DNAT --to 192.168.1.8
iptables -t nat -I POSTROUTING -s 192.168.1.8 -j SNAT --to xx.xx.xxx.132
iptables -I FORWARD -d 192.168.1.8 -j ACCEPT

# WAN .133 -> LAN .9 (WiiU -)

iptables -t nat -I PREROUTING -d xx.xx.xxx.133 -j DNAT --to 192.168.1.9
iptables -t nat -I POSTROUTING -s 192.168.1.9 -j SNAT --to xx.xx.xxx.133
iptables -I FORWARD -d 192.168.1.9 -j ACCEPT

So,

I have enabled jffs, telnet. I have Putty. Anyone know how to convert this to work in Asus Merlin?

Gouldin · Mar 6, 2017

So far having sifted through other threads on the subject, I think I've got somewhere.

Nat-Start

Code:

#!/bin/sh

echo 'Start' >> /tmp/000start-nat

iptables -t nat -I PREROUTING -d xx.xx.xx.129 -j DNAT --to 192.168.1.5
iptables -t nat -I POSTROUTING -s 192.168.1.5 -j SNAT --to xx.xx.xx.129
iptables -t nat -I PREROUTING -d xx.xx.xx.130 -j DNAT --to 192.168.1.6
iptables -t nat -I POSTROUTING -s 192.168.1.6 -j SNAT --to xx.xx.xx.130
iptables -t nat -I PREROUTING -d xx.xx.xx.131 -j DNAT --to 192.168.1.7
iptables -t nat -I POSTROUTING -s 192.168.1.7 -j SNAT --to xx.xx.xx.131
iptables -t nat -I PREROUTING -d xx.xx.xx.132 -j DNAT --to 192.168.1.8
iptables -t nat -I POSTROUTING -s 192.168.1.8 -j SNAT --to xx.xx.xx.132
iptables -t nat -I PREROUTING -d xx.xx.xx.133 -j DNAT --to 192.168.1.8
iptables -t nat -I POSTROUTING -s 192.168.1.8 -j SNAT --to xx.xx.xx.133

echo 'End' >> /tmp/000start-nat

And

firewall-start

Code:

#!/bin/sh

for i in /proc/sys/net/ipv4/conf/*/rp_filter ; do echo 0 > $i ; done

iptables -I FORWARD -d 192.168.1.5 -j ACCEPT
iptables -I FORWARD -d 192.168.1.6 -j ACCEPT
iptables -I FORWARD -d 192.168.1.7 -j ACCEPT
iptables -I FORWARD -d 192.168.1.8 -j ACCEPT
iptables -I FORWARD -d 192.168.1.9 -j ACCEPT
iptables -t nat -I POSTROUTING -o br0 -s 192.168.0.0/16 -d 192.168.0.0/16 -j MASQUERADE

Am I on the right track? And how do I upload said files?

Gouldin · Mar 6, 2017

Ok, found this thread, which looks simpler.
https://www.snbforums.com/threads/configuring-multiple-static-wan-ips-through-one-to-one-nat.15300/

How do I save this and make it active on the router? (I can edit to my IP's no problem, just not sure how get jffs to run)

Code:

#!/bin/sh
#
# to restore this configuration, it needs to be saved to /jffs/scripts/nat-start
# on the router.
#
ifconfig ppp0:0 WanIP1 netmask 255.255.255.248 up
iptables -t nat -A PREROUTING -i ppp0 -d WanIP1 -j DNAT --to-destination 192.168.1.10
iptables -t nat -I POSTROUTING -s 192.168.1.10 -j SNAT --to WanIP1
#
ifconfig ppp0:1 WanIP2 netmask 255.255.255.248 up
iptables -t nat -A PREROUTING -i ppp0 -d WanIP2 -j DNAT --to-destination 192.168.1.11
iptables -t nat -I POSTROUTING -s 192.168.1.11 -j SNAT --to WanIP2
#
ifconfig ppp0:2 WanIP3 netmask 255.255.255.248 up
iptables -t nat -A PREROUTING -i ppp0 -d WanIP3 -j DNAT --to-destination 192.168.1.12
iptables -t nat -I POSTROUTING -s 192.168.1.12 -j SNAT --to WanIP3
#
# Port forwards, in case the webui doesn't work, but i think it will.  uncomment below if needed.
# iptables -A FORWARD -p tcp --dport 80 -d 192.168.1.10 -j ACCEPT

Gouldin · Mar 7, 2017

YAY!. Got it working. Config worked a treat.

Thread starter	Title	Forum	Replies	Date
A	Solved Need help setting up DDNS for cloudflare	Asuswrt-Merlin	4	Jan 25, 2024
C	Solved Need help with nat-start scripts	Asuswrt-Merlin	3	Wednesday at 2:31 AM
G	Need help with VPN	Asuswrt-Merlin	2	Tuesday at 9:07 AM
P	Help with traffic filtering	Asuswrt-Merlin	0	Apr 19, 2024
C	Need some help with a DHCP problem	Asuswrt-Merlin	9	Apr 14, 2024
S	Help Required AC68U (TM-AC1900) troubleshooting after power outage	Asuswrt-Merlin	3	Apr 9, 2024
C	Need help with GT-AXE11000 and DNS Director	Asuswrt-Merlin	0	Apr 5, 2024
	need help with network loop.	Asuswrt-Merlin	9	Apr 1, 2024
J	Help - duckdns has started returning an IPv6 IP address	Asuswrt-Merlin	1	Mar 27, 2024
A	Help Required Upgrading AC68U from Stock FW to Merlin Please?	Asuswrt-Merlin	15	Mar 25, 2024

Search

Search

Help setting up 1:1 nat - RT-AC88u

Gouldin

Regular Contributor

Gouldin

Regular Contributor

Gouldin

Regular Contributor

Gouldin

Regular Contributor

Similar threads

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Members online