Hi,
I have configured a mikrotik router, It was accessible through public IP before resetting. Now I can access it through cloudflare tunnel but cannot access directly. I have checked configuration but couldn’t figure out what I am doing wrong. TIA
/interface ethernet
set [ find default-name=ether2 ] name=LAN
set [ find default-name=ether1 ] name=WAN1
set [ find default-name=ether3 ] name=WAN2
set [ find default-name=ether4 ] name=WAN3
set [ find default-name=ether5 ] disabled=yes
/interface list
add name=WAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip firewall layer7-protocol
add name=torrent-tcp regexp=“^(\x13BitTorrent protocol|GET /announce\?info_hash=)”
add name=torrent-udp regexp=“^(\x04\x17\x27\x10\x19\x80|d1:ad2:id20:)”
/ip pool
add name=dhcp_pool2 ranges=10.3.1.103-10.3.1.254
/ip dhcp-server
add address-pool=dhcp_pool2 disabled=no interface=LAN name=dhcp1
/queue type
add kind=pcq name=PCQ_download pcq-classifier=dst-address pcq-rate=20M
add kind=pcq name=PCQ_upload pcq-classifier=src-address pcq-rate=20M
/queue simple
add name=xxxPC priority=1/1 queue=default/default target=10.3.1.173/32 total-queue=default
add name=NVR priority=1/1 queue=default/default target=10.3.1.60/32 total-queue=default
add disabled=yes name=queue1 queue=PCQ_upload/PCQ_download target=10.3.1.0/24
/queue tree
add name=queue1 packet-mark=client_download parent=global queue=PCQ_download
add name=queue2 packet-mark=client_upload parent=global queue=PCQ_upload
/interface detect-internet
set detect-interface-list=all
/interface list member
add interface=WAN1 list=WAN
add interface=WAN2 list=WAN
add interface=WAN3 list=WAN
/ip address
add address=10.3.1.1/24 interface=LAN network=10.3.1.0
add address=x.x.x.2/29 interface=WAN3 network=x.x.x.x
/ip dhcp-client
add disabled=no interface=WAN1 use-peer-dns=no
add disabled=no interface=WAN2 use-peer-dns=no
/ip dhcp-server network
add address=10.3.1.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=10.3.1.1
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip firewall address-list
add address=dht.vuze.com list=Torrent
add address=inside.bitcomet.com list=Torrent
add address=dispersy1.tribler.org list=Torrent
add address=dispersy2.tribler.org list=Torrent
add address=dispersy3.tribler.org list=Torrent
add address=dispersy4.tribler.org list=Torrent
add address=dispersy5.tribler.org list=Torrent
add address=dispersy6.tribler.org list=Torrent
add address=dispersy7.tribler.org list=Torrent
add address=dispersy8.tribler.org list=Torrent
/ip firewall filter
add action=jump chain=forward comment=“Jump to OUT-Torrent” jump-target=OUT-Torrent out-interface-list=WAN
add action=accept chain=output content=“530 Login incorrect” dst-limit=1/1m,9,dst-address/1m protocol=tcp
add action=drop chain=OUT-Torrent comment=“Bootstrap hosts” dst-address-list=Torrent
add action=drop chain=OUT-Torrent comment=Teredo dst-port=3544 protocol=udp
add action=drop chain=OUT-Torrent comment=“DHT Routers” dst-port=6881 protocol=udp
add action=return chain=OUT-Torrent comment=“Return from OUT-Torrent rules”
add action=drop chain=forward src-mac-address=00:23:24:D2:32:BA
/ip firewall mangle
add action=accept chain=prerouting in-interface=WAN1
add action=accept chain=prerouting in-interface=WAN2
add action=accept chain=prerouting in-interface=WAN3
add action=mark-connection chain=prerouting dst-address-type=!local in-interface=LAN new-connection-mark=WAN1_conn passthrough=yes per-connection-classifier=
both-addresses-and-ports:3/0
add action=mark-connection chain=prerouting dst-address-type=!local in-interface=LAN new-connection-mark=WAN2_conn passthrough=yes per-connection-classifier=
both-addresses-and-ports:3/1
add action=mark-connection chain=prerouting dst-address-type=!local in-interface=LAN new-connection-mark=WAN3_conn passthrough=yes per-connection-classifier=
both-addresses-and-ports:3/2
add action=mark-routing chain=prerouting connection-mark=WAN1_conn in-interface=LAN new-routing-mark=to_WAN1
add action=mark-routing chain=prerouting connection-mark=WAN2_conn in-interface=LAN new-routing-mark=to_WAN2
add action=mark-routing chain=prerouting connection-mark=WAN3_conn in-interface=LAN new-routing-mark=to_WAN3
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
/ip route
add check-gateway=ping distance=1 gateway=192.168.10.1 routing-mark=to_WAN1
add check-gateway=ping distance=2 gateway=192.168.1.1 routing-mark=to_WAN2
add check-gateway=ping distance=3 gateway=x.x.x.x routing-mark=to_WAN3
add check-gateway=ping distance=1 gateway=192.168.10.1
add check-gateway=ping distance=2 gateway=192.168.1.1
add check-gateway=ping distance=3 gateway=x.x.x.x
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/snmp
set enabled=yes trap-generators=interfaces
/system clock
set time-zone-name=Asia
/system identity