I have recently switched from a mainstream home router to a mikrotik router, so I basically have no idea on whats going on what so ever.
I’m currently on an x86 router and I uses winbox 5.24 to configure my settings.
Luckily by following several examples and tutorials online I have successfully set up a home ap with bridging for a DHCP connection (not knowing if it is the most effective setting) and I have managed to get the wifi working.
The problem I’m facing now is how to forward a port properly, I have followed some guides on this topic but still no luck.
Currently I only have
Action=masquerade chain=srcnat Out. interface=Wan under NAT
what i have tried is, say if i wanted to forward port 1234
Action=dst-nat chain=dstnat Protocol= tcp Dst. Port= 1234 in. interface=Wan under NAT
but when i checked online through open forts scanners it says the port 1234/tcp is being filtered instead of open.
Under firewall filter rules, its totally blank for me as I have done nothing there but somehow my internet is working.
Is there something that I’m missing? I am starting to suspect that I must do something uunder filter rules to get port forwarding working.
You need to forward to a dedicated internal IP address, specified by the to-address parameter
Also some firewall rules are needed for security.
Search the web for adviced firewall filter rules.
first you should doing two things on top of all other!
set up a netfilter rule = SPI function
– set up another rule that the netfilter should be used even first by all other following rules
set up nat rules = NAT (Native address translation)
– block or drop all traffic from outside that was not called or ordered from the internal DMZ or LAN zone
So now you have a basic set up for a home environment or also called home network
once more again it is a basic set up, not more and not less!
And then you can starting to set up firewall rules at the WAN interface, and mangle rules at the LAN oder DMZ
interfaces in my eyes.
The MikroTik online manual or wiki pages are a good point to start over with this.
And for a deeper look and feel into the RouterOS system there a two book you can buy over the internet.
