i have a web server behind the router mikrotik crs 236 24g . i access my web server from internet all thing work fine . but in local network cant access to my web server
nslookup in local network forwrd to my public ip . i run a dns server on windows server and forward my domain to static ip webserver after this my problem resolved . but i dont know my mikrotik dns forward ti ip public i set dns static is correctly
How should I use this code?
my local network range is 192.168.2.0/24 my router is 192.168.2.1 my webserver is 192.168.2.50 in centos 7 when dnslookup my site in local network forward to ip public . my ip public in 4g modem i dmz to 192.168.14.1 on router . in local network when open my site forward to ip public and open my 4g modem webconfig .
In the example above, I assumed that the Internet enters the router with an sfp1 interface
Set the demilitarized zone in the 4G router to the address of the interface with which you provide Internet access to MikroTik (in this example sfp1). You probably have this interface as dhcp-client
Then set NAT:
/ip firewall nat add action=dst-nat chain=dstnat dst-port=80 protocol=tcp to-addresses=192.168.2.50 to-ports=80 comment=http from WAN
/ip firewall nat add action=dst-nat chain=dstnat dst-port=443 protocol=tcp to-addresses=192.168.2.50 to-ports=443 comment=https from WAN
/ip firewall nat add action=masquerade chain=srcnat dst-address=192.168.2.50 dst-port=80 protocol=tcp src-address=192.168.2.0/24 comment=http from LAN
/ip firewall nat add action=masquerade chain=srcnat dst-address=192.168.2.50 dst-port=443 protocol=tcp src-address=192.168.2.0/24 comment=http from WAN
Suggest you read that back to yourself as it makes no sense. (hint, whether the wanIP is static or dynamic makes no difference on accessing ones server behind the router).
What we need to see is how one has configured his source & destination nat rules and how one has configured the firewall rules, confirm which type of wanIP he/she has and then make the appropriate changes to included hairpin nat.