Can't reach Public IP from LAN

RouterOS Forwarding Protocols
1

Public IP of RB750G: 88.XXX.XXX.35
Internal IP of RB750G: 192.168.3.1

Port 80 is forwarded to internal IP 192.168.3.3.
This is working from other computers on the internet.

Internal NATed computers works as expected.

The problem:
Internal computers can't reach the internal webserver with the public IP.

NAT rules:
0 chain=srcnat action=masquerade out-interface=Internet

1 chain=dstnat action=dst-nat to-addresses=192.168.3.3 to-ports=80
protocol=tcp dst-address=88.XXX.XXX.35 dst-port=80

Routes:

DST-ADDRESS PREF-SRC GATEWAY DISTANCE

0 A S 0.0.0.0/0 88.XXX.XXX.1 1
3 ADC 88.XXX.XXX.0/21 88.XXX.XXX.35 Internet 0
6 ADC 192.168.3.0/24 192.168.3.1 Local 0


Regards Peter

Port forwarding - please help !
2

http://wiki.mikrotik.com/wiki/Hairpin_NAT

3

Thanks for that link :slight_smile:

/ip/firewall/nat/ Rules to actually fix the problem!

Forward port 80 on public 88.XXX.XXX.35 to local lan adress 192.168.3.3:
0 chain=dstnat action=dst-nat to-addresses=192.168.3.3 to-ports=80
protocol=tcp dst-address=88.XXX.XXX.35 dst-port=80

Make local LAN browse the internet:
1 chain=srcnat action=masquerade out-interface=Internet

Make local LAN reach webserver with public IP:
2 chain=srcnat action=masquerade protocol=tcp src-address=192.168.3.0/24
dst-address=192.168.3.3 out-interface=Local dst-port=80


Regards Peter