Hello,
I have the following setup:
An Internet router (TP-Link) that handles PPPoE, port forwarding and firewall (192.168.1.1). Behind it is the MikroTik RB751G, RouterOS version 5.11, which serves as DHCP server and wireless AP (192.168.1.5) on the intranet. It is to this MikroTik that all my computers and devices connect.
My firewall rules on the MikroTik - the firewall should actually be disabled:
 0   ;;; default configuration
     chain=input action=accept protocol=icmp
 1   ;;; default configuration
     chain=input action=accept connection-state=established
 2   ;;; default configuration
     chain=input action=accept connection-state=related
 3 X ;;; default configuration
     chain=input action=drop in-interface=ether1-gateway
The SSH server settings on the MT:
3 ssh 22
When connecting to MikroTik’s SSH server from within the intranet, all works perfectly.
The problem is that when forwarding SSH connections to the MikroTik from the Internet (i.e. the TP-Link), the MT doesn’t answer those connections. I can see in IP-Firewall-Connections on the web interface of the MT that they are correctly forwarded from the TP-Link, but the MikroTik simply doesn’t answer them. As far as I understand it, they shouldn’t be blocked by the firewall itself (see rules).
I have a similar setup when the SSH connections are forwarded to a different device on the network and everything works fine there.
What am I missing? Is there a way to make the MikroTik’s SSH server accept connections from the Internet with my particular hardware and version?
If any more information is necessary, let me know.
Thanks.
PS: Although this seems similar to http://forum.mikrotik.com/t/enable-ssh-winbox-telnet-with-5-x-os/54079/1 , I didn’t find that post helpful in resolving my issue.
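The rule list in the post can be walked the way an input chain is evaluated (in order, disabled rules skipped, first match wins, accept when nothing matches) to check whether the firewall would drop the first packet of a forwarded SSH connection. This is an added example, not part of the original post: it is a simplified model covering only the matchers shown above, and the packet fields and the `ether2` interface name are assumptions.

```python
# Simplified first-match model of the input chain (assumption of this example).
RULES = [  # transcribed from the post; "disabled" reflects the X flag on rule 3
    {"n": 0, "action": "accept", "match": {"protocol": "icmp"}, "disabled": False},
    {"n": 1, "action": "accept", "match": {"connection-state": "established"}, "disabled": False},
    {"n": 2, "action": "accept", "match": {"connection-state": "related"}, "disabled": False},
    {"n": 3, "action": "drop", "match": {"in-interface": "ether1-gateway"}, "disabled": True},
]


def evaluate(packet, rules=RULES):
    """Return (action, rule_number); rule_number is None when no rule matched."""
    for rule in rules:
        if rule["disabled"]:
            continue  # disabled rules take no part in matching
        if all(packet.get(key) == value for key, value in rule["match"].items()):
            return rule["action"], rule["n"]
    return "accept", None  # no rule matched: the chain accepts the packet


def with_rule_enabled(number, rules=RULES):
    """Copy of the rule list with one rule switched on, for a what-if check."""
    return [dict(r, disabled=False) if r["n"] == number else r for r in rules]


def ssh_packet(state, in_interface):
    """Constructed sample packet for a TCP/22 connection to the router."""
    return {"protocol": "tcp", "dst-port": 22,
            "connection-state": state, "in-interface": in_interface}


if __name__ == "__main__":
    # Which port the TP-Link is cabled to is not stated in the post, so try both.
    for iface in ("ether1-gateway", "ether2"):  # ether2 is a hypothetical name
        syn = ssh_packet("new", iface)
        print(iface, "as posted:", evaluate(syn))
        print(iface, "rule 3 enabled:", evaluate(syn, with_rule_enabled(3)))
```

With the rules as posted, the first SYN is accepted by default on either interface; it would be dropped only if rule 3 were enabled and the packet arrived on `ether1-gateway`.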