ok have the same problem i am strggeling to understad what needs to be added and what goes where can somone plz help me with my portfowading it seems to go out the other interfsce that it came in from!
here is my conf:
mangel:
0 chain=input action=mark-connection new-connection-mark=wan1_conn
passthrough=no in-interface=ether1-mweb
1 chain=input action=mark-connection new-connection-mark=wan2_conn
passthrough=no in-interface=ether2-is
2 chain=output action=mark-routing new-routing-mark=to_wan1 passthrough=no
connection-mark=wan1_conn
3 chain=output action=mark-routing new-routing-mark=to_wan2 passthrough=no
connection-mark=wan2_conn
4 chain=prerouting action=accept dst-address=41.134.110.0/28
in-interface=ether5-lan
5 chain=prerouting action=accept dst-address=196.212.100.0/28
in-interface=ether5-lan
6 ;;; ''
chain=prerouting action=mark-connection new-connection-mark=wan1_conn
passthrough=yes dst-address-type=!local in-interface=ether5-lan
per-connection-classifier=both-addresses:2/0
7 ;;; ''
chain=prerouting action=mark-connection new-connection-mark=wan2_conn
passthrough=yes dst-address-type=!local in-interface=ether5-lan
per-connection-classifier=both-addresses:2/1
8 chain=prerouting action=mark-routing new-routing-mark=to_wan1
passthrough=no in-interface=ether5-lan connection-mark=wan1_conn
9 chain=prerouting action=mark-routing new-routing-mark=to_wan2
passthrough=no in-interface=ether5-lan connection-mark=wan2_conn
nat:
0 chain=srcnat action=masquerade out-interface=ether1-mweb
1 chain=srcnat action=masquerade out-interface=ether2-is
2 ;;; Loop Back
chain=srcnat action=masquerade src-address=192.168.88.0/24
dst-address=192.168.88.2
3 ;;; FTP-SSH
chain=dstnat action=dst-nat to-addresses=192.168.88.2 to-ports=20-22
protocol=tcp dst-address=41.134.110.111 dst-port=20-22
4 ;;; FTP-SSH
chain=dstnat action=dst-nat to-addresses=192.168.88.2 to-ports=20-22
protocol=tcp dst-address=196.212.100.111 dst-port=20-22
5 ;;; WEB-APP
chain=dstnat action=dst-nat to-addresses=192.168.88.2 to-ports=80-81
protocol=tcp dst-address=41.134.110.111 dst-port=80-81
6 ;;; WEB-APP
chain=dstnat action=dst-nat to-addresses=192.168.88.2 to-ports=80-81
protocol=tcp dst-address=196.212.100.111 dst-port=80-81
7 ;;; HTTPS
chain=dstnat action=dst-nat to-addresses=192.168.88.2 to-ports=443
protocol=tcp dst-address=41.134.110.111 dst-port=443
8 ;;; HTTPS
chain=dstnat action=dst-nat to-addresses=192.168.88.2 to-ports=443
protocol=tcp dst-address=196.212.100.111 dst-port=443
9 ;;; CASHFREE
chain=dstnat action=dst-nat to-addresses=192.168.88.2 to-ports=3203-3206
protocol=tcp dst-address=41.134.110.111 dst-port=3203-3206
10 ;;; CASHFREE
chain=dstnat action=dst-nat to-addresses=192.168.88.2 to-ports=3203-3206
protocol=tcp dst-address=196.212.100.111 dst-port=3203-3206
11 ;;; VNC
chain=dstnat action=dst-nat to-addresses=192.168.88.2 to-ports=5900-5935
protocol=tcp dst-address=41.134.110.111 dst-port=5900-5935
12 ;;; VNC
chain=dstnat action=dst-nat to-addresses=192.168.88.2 to-ports=5900-5935
protocol=tcp dst-address=196.212.100.111 dst-port=5900-5935
13 ;;; CASHFREE
chain=dstnat action=dst-nat to-addresses=192.168.88.2 to-ports=6000-6020
protocol=tcp dst-address=41.134.110.111 dst-port=6000-6020
14 ;;; CASHFREE
chain=dstnat action=dst-nat to-addresses=192.168.88.2 to-ports=6000-6020
protocol=tcp dst-address=196.212.100.111 dst-port=6000-6020
15 ;;; KODE-PROGRAM
chain=dstnat action=dst-nat to-addresses=192.168.88.2 to-ports=7000
protocol=tcp dst-address=41.134.110.111 dst-port=7000
16 ;;; KODE-PROGRAM
chain=dstnat action=dst-nat to-addresses=192.168.88.2 to-ports=7000
protocol=tcp dst-address=196.212.100.111 dst-port=7000
17 ;;; ECS-COMMUNICATOR
chain=dstnat action=dst-nat to-addresses=192.168.88.2 to-ports=8080-8082
protocol=tcp dst-address=41.134.110.111 dst-port=8080-8082
18 ;;; ECS-COMMUNICATOR
chain=dstnat action=dst-nat to-addresses=192.168.88.2 to-ports=8080-8082
protocol=tcp dst-address=196.212.100.111 dst-port=8080-8082
routes:
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 A S 0.0.0.0/0 41.134.110.110 1
1 A S 0.0.0.0/0 196.212.100.110 1
2 A S 0.0.0.0/0 41.134.110.110 1
3 S 0.0.0.0/0 196.212.100.110 2
4 ADC 41.134.110.0/28 41.134.110.111 ether1-mweb 0
5 ADC 192.168.88.0/24 192.168.88.1 ether5-lan 0
6 ADC 196.212.100.112/28 196.212.100.111 ether2-is 0
plz if aneyone can point the problem out plz tell me how to fix this problem?
saw ther was somthing on http://forum.mikrotik.com/viewtopic.php?f=14&t=49816 but no luck can't figure it out!