I’m kind of new within the Mikrotik universe so I’m trying to do my best learning its functionnalities.
Whatever, I’m using a GLPI server inside my network. Before, I applied a simple port forwarding on 80 port with an OpenWRT router, so my remote PC connected to the server displayed their WAN IP and I could identified them.
Since I changed it with my up-to-date RouterOs, neither me or my remote UC can connect my server from the outside with an IP Forwarding Rule. I now require to add a srcnat chain masquerade rule to get connected. The IP source being NAT’ed to local address, every UC registered within my server is now displaying my RouterOS IP instead of their own WAN IP.
I checked my server (Debian) to check if it suddenly turned into a xenophobic server concerning WAN request, but everything’s clear.
How could I resolve the problem according to you?
I’ll post the /ip rules on tomorrow, but I’ll be glad to read your suggestions meanwhile.
Limit the srcnat to the WAN-egress (wan outgoing) traffic only not for traffic to the LAN/server. Or limt the srcnat to the server source only.
WAN incoming traffic (your remote PC) should not be srcnat-ted.
Just before reading your answered, I just managed myself to access to my Winbox and understood how to solve my problem.
My firewall rule concerning my server was not working simply because of its place in the list…
So I added a Forward Chain in the firewall for the requested port, placed it above in the listed rule and then add the usual NAT rule with dstnat chain to my Server.
