IP mapping - SNAT - with Luci

Hi,
I have several subnets.
One subnet per Vlan.
In some of these subnets I have a Host with a web interface.
These hosts do not route traffic, hence they have no default gateway.
In my Management Net, I have a client to access the web interfaces of the hosts.
Because there is no default gateway, I thought I could resolve accessing the web interfaces by using a mapping of ip addresses.

Mgmt Net Client (A) 192.168.199.189/24 - VLAN 199
Host (B) 192.168.190.10/24 - VLAN 190
Host (C) 192.168.191.10/24 - VLAN 191

If Client (A) is accessing Host (B), the firewall should map the Client IP address into the VLAN 190, mapping to/from 192.168.190.189

If Client (A) is accessing Host (C), the firewall should map the Client IP address into the VLAN 191, mapping to/from 192.168.191.189

Can that be solved with OpenWrt with LuCI?
How do I do it?
I played around with SNAT, but no luck.

config nat
  option name 'lan-temp_to_mgmt'
  option family 'ipv4'
  option src '*'
  option src_ip ''192.168.199.189'
  option target 'SNAT'
  option dest_ip '192.168.190.10'
  list proto 'tcp'
  list proto 'udp'
  list proto 'icmp'

There is a typo here, the snat_ip option is missing and you should SNAT to the router IP address, e.g.

config nat
        option name 'lan-temp_to_mgmt'
        option src '*'
        option target 'SNAT'
        option src_ip '192.168.199.189'
        option dest_ip '192.168.190.10'
        option snat_ip '192.168.190.1'
        list proto 'all'

Thank you,
I had several issues why it wasn't working.
(VLAN tagging, etc.)
Now it is working.
Is it possible to use a different IP than the router's?
E.g.: 192.168.190.189 as SNAT IP?

I remember, years ago I used something like proxyarp and sometimes I had to map into networks where the subnets had the same IP address ranges.
Maybe it is wrong in this case.
Nevertheless, thank you for your help.

In my experience, proxy ARP has some annoying side effects and (most importantly) I don't know any orthodox method to activate it on OpenWrt.

I can think of two options.

  1. Create a static arp entry on the target host, mapping 192.168.190.189 to the router MAC address.
  2. Create an alias, but since I don't know what you gain by not using the router IP, I don't know if this will suit you.

The issue with using the router IP is that I cannot differentiate it in the host log files.
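
A sketch of the alias option (option 2 above) combined with the SNAT rule, added here as an example and not taken from any post in this thread. It gives the management client its own address in each VLAN so the host logs can tell it apart from the router. The interface names `vlan190` and `vlan191` and the rule names are assumptions; the addresses are the ones from the thread.

```uci
# /etc/config/network
# Alias interfaces: the router additionally owns the mapped address in each
# VLAN and answers ARP for it, so no static ARP entry is needed on the hosts.
# 192.168.190.189 and 192.168.191.189 must not be in use by any other device.
# 'vlan190' / 'vlan191' are assumed names of the existing VLAN interfaces.
config interface 'vlan190_map'
        option proto 'static'
        option device '@vlan190'
        option ipaddr '192.168.190.189'
        option netmask '255.255.255.0'

config interface 'vlan191_map'
        option proto 'static'
        option device '@vlan191'
        option ipaddr '192.168.191.189'
        option netmask '255.255.255.0'

# /etc/config/firewall
# One SNAT rule per destination host. Only traffic from the management
# client to that single host is rewritten, so the mapped address in the
# host's log always identifies client (A).
config nat
        option name 'mgmt_client_to_host_b'
        option family 'ipv4'
        option src '*'
        option src_ip '192.168.199.189'
        option dest_ip '192.168.190.10'
        option target 'SNAT'
        option snat_ip '192.168.190.189'
        list proto 'all'

config nat
        option name 'mgmt_client_to_host_c'
        option family 'ipv4'
        option src '*'
        option src_ip '192.168.199.189'
        option dest_ip '192.168.191.10'
        option target 'SNAT'
        option snat_ip '192.168.191.189'
        list proto 'all'
```

Forwarding from the management zone to the VLAN 190 and VLAN 191 zones still has to be allowed by the existing firewall rules; restricting that forwarding to 192.168.199.189 keeps the mapped addresses tied to the one management client.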