I have a Fritz box ADSL 10 Meg down and 1 Meg up with a Mikrotik RB450 behind it. My problem is I src-nat all outgoing traffic, which works well. I now added a Polycom IP video conference unit to the ethernet 3 port. All connections from this unit work well, but the moment I add a destination NAT to enable incoming calls to reach the Polycom unit, my PPTP connections won't connect. How do I still accept PPTP connections to the outside of the MT without them being rerouted to the Polycom?
My configs are:
ether1 = wan
ether2 = xxx.xx.11.0/24
ether3 = xxx.xx.23.0/24
ether1 is connected to the Fritz box, which has no firewall enabled.
ether2 is connected to my admin vlan
ether3 is connected to my 20 hotspots on site.
NAT configs are:
add action=masquerade chain=srcnat disabled=no out-interface=ether1
add action=dst-nat chain=dstnat disabled=no dst-address=xxx.xxx.xxx.3 to-addresses=xxx.xx.23.50 (Polycom Unit)
With all firewall rules disabled for the moment, incoming and outgoing traffic is working normally. Polycom uses H323 and SIP, and connections in and out are working. My only problem is the PPTP server listening on ether1 stops accepting connections; existing connections remain connected.
I also need to find a rule to give the Polycom maximum traffic (when a video con is in progress) and throttle all PPTP connections (incoming), hotspot traffic (outgoing) and local proxy connections listening on ether 2 and ether 3 (outgoing).
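
The dst-nat rule in the post matches every packet addressed to xxx.xxx.xxx.3, PPTP control (TCP 1723) and GRE included, so new tunnels are rewritten to the Polycom instead of reaching the router's own PPTP server. An added example, not part of the original post, of one way to exempt PPTP ahead of that rule; it assumes xxx.xxx.xxx.3 is the address on ether1 and keeps the post's masked addresses as placeholders.

```routeros
# Added example, not the poster's configuration.
# xxx.xxx.xxx.3 and xxx.xx.23.50 are the masked placeholders from the post;
# substitute the real addresses before use.
/ip firewall nat

# Outbound masquerade, unchanged from the post.
add chain=srcnat action=masquerade out-interface=ether1

# Before (as posted): catch-all dst-nat with no protocol or port match.
# NAT rules are evaluated top to bottom and the first match wins, so TCP 1723
# and GRE sent to the WAN address are forwarded to the Polycom as well.
# add chain=dstnat action=dst-nat dst-address=xxx.xxx.xxx.3 to-addresses=xxx.xx.23.50

# After: accept PPTP in the dstnat chain first. action=accept stops NAT
# processing for the packet, so it is left untranslated and is delivered
# to the router itself.
add chain=dstnat action=accept in-interface=ether1 protocol=tcp dst-port=1723 comment="PPTP control stays on router"
add chain=dstnat action=accept in-interface=ether1 protocol=gre comment="PPTP GRE stays on router"

# Everything else addressed to the WAN address still goes to the Polycom.
add chain=dstnat action=dst-nat in-interface=ether1 dst-address=xxx.xxx.xxx.3 to-addresses=xxx.xx.23.50 comment="Polycom unit"
```

Rule order matters: the two accept rules must sit above the dst-nat rule in the list. Already established tunnels keep working under the original rule because their connection-tracking entries predate it, which matches the behaviour described in the post.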