I am a real beginner and would appreciate a really simple explanation using the Webfig how I can access my CCTV (or anything else for that matter) which sits on port 88 by using my externally published IP.
e.g So internally it sits on say 198.168.0.50:88 Externally it sits on 247.250.211.96:88
If I go to the external address from inside the network It doesn’t work. My previous basic netgear seemed to do this without a problem (not sure if I did anything)
Appreciate SIMPLE steps.
Thanks
I think that you need Port Forwarding:
https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT#Destination_NAT
Being more specific:
/ip firewall nat add action=dst-nat chain=dstnat dst-address=247.250.211.96 dst-port=88 protocol=tcp to-addresses=198.168.0.50 to-ports=88
Hope I can help you!
No its not port forwarding think it may be something called Hairpin or perhaps NAT Loopback?
I have a video which should explain what you need. You need hairpin NAT bit your port forwards need to be done in a specific way;
https://youtu.be/_kw_bQyX-3U
Ah ok, I’m sorry!
Hairpin NAT is here if you want to read more about it:
https://wiki.mikrotik.com/wiki/Hairpin_NAT
To your example, you can use:
/ip firewall nat add chain=srcnat src-address=198.168.0.0/24 dst-address=198.168.0.50 protocol=tcp dst-port=88 out-interface=LAN action=masquerade
Change “out-interface” to your LAN interface. If you are using webfig, you can use a Terminal to add this rule.
Very nice! 
Really appreciate your help.
I suspect the “network engineer”!! Who set this up has made a right pigs ear of it.. If I go to the externally published address without any port - it goes straight to my Router login page, which I doubt is a good idea!!!
Ive attached what it currently looks like (I just put in the top line from the video you posted.)
Thanks
