Hi everybody,
After a lot of searches, posts reading and tests i’m unable to forward ssh from outside to an internal server, here’s the situation :
fiber → mikrotik → cisco switch → server debian
I’m coming from sfp1.120 on my mkt to ether1.2150 (vlan 2150 with network 192.168.50.0/24)
From ether1.2150 i go on my switch port2 (tag trunk 2150)
From port1 (tag trunk 2150) on the switch i go to server (ip 192.168.50.5)
Here’s what i have right now on my mkt :
/ip firewall filter add chain=forward action=accept protocol=tcp dst-address=192.168.50.5 in-interface=sfp1.120 out-interface=ether1.2150 port=22
/ip firewall nat add chain=dstnat action=dst-nat to-addresses=192.168.50.5 to-ports=22 protocol=tcp in-interface=sfp1.120 dst-port=2223
Can someone save me, i really do’nt understand where i’m wrong there…
EDIT : These 2 rules were there before we add vlan 2150, but for IP 192.168.5.5 and it was working, when i’ve started i’ve just put a 0 on this rules and that doesn’t work either
EDIT2 : I can ping to 192.168.50.5 and ssh to it from the mikrotik