Rules ExplanationTom.2014

Hi there,

I have a question about a firewall rules on a Mikrotik that is created automatically by zima :slight_smile:

Chain : scrnat
src address : xxx.xxx.xxx.xxx/24
( the subnet of pppoe IP we assign to our customer)
Action : masquerade

Does it comes from zima cause when I try to delete it it comes automatically within 1 min ?

What is it made for ?

Thanks for your help
Best Regards

Yes, in order to remove it:
Go to /settings/IP Pools
choose the active pool and edit it.
Unselect the NAT option then save.

Now this rule will not be synchronized to your router.

Let us know if this answered your question.

Thanks for your answer.

But before to remove it, I would like to understand the purpose/role of this rules ?

Thanks
Best Regards

The Online pool has the option of NAT. If selected it takes care of updating the router with a masquerade rule that gives internet access for the online pool.
If not selected, it will not be updated.
Let us know if this was clear, and of you got any other questions.

Thanks for the explanation.

I had an issue that was all my customers was masquerade behind the WAN IP of the router for all outbound traffic and not the WAN IP normaly assigned by Zima.

I had to create a scrnat rules before the NAT rule to get back in the correct way.

Now I disabled it and through zima disable NAT also and everything woks fine.

Thanks
Best Regards