I’ve been facing an issue while trying to set up port forwarding on my RouterOS device to host my *** apk website. I have a MikroTik router, and I’m struggling to configure it properly to allow external access to my website.
Here are the details of my setup:
I have a static public IP address provided by my ISP.
My MikroTik router is handling the network, and I’m using it to manage port forwarding.
I want to host a website (using HTTP on port 80) and have already set up the necessary web server internally.
What I’ve Tried:
I’ve attempted to set up port forwarding rules using the Firewall/NAT section in Winbox. I’ve added a DST-NAT rule to forward incoming traffic on port 80 to the internal IP address of my web server. However, external access to my website is still not working.
I’ve checked for any firewall rules that might be blocking the traffic, but as far as I can tell, everything seems to be correctly configured.
Could someone kindly guide me through the necessary steps to ensure that my port forwarding configuration is accurate and functioning properly for hosting a *** on my network? Moreover, if you are into **** video editing then you must know that **** is providing mod version of the **** app]. Any assistance or suggestions would be greatly appreciated. Thank you in advance for your help!
As anyone here will tell you, post you config using the command below. Download it & remove any identifying/important info from it.
/export file=whateveryoucallthefile
Hopefully you have your interface member list proper as well, indicating the LAN/WAN interfaces like the example below:
/interface list member
add interface=ether1 list=WAN
add interface=“Lan Bridge” list=LAN
add interface=wireguard1 list=LAN
But to get you started, and pending what firewall config you’re using, because you may or may not have the below:
Put this above the last entry “drop all” firewall filter rule:
/ip firewall filter
add action=accept chain=forward comment=“port forwarding” connection-nat-state=dstnat
Throw this in firewall NAT after editing & adding your network/server/ISP info:
/ip firewall nat
add action=dst-nat chain=dstnat comment=“Server” dst-address=Your.ISP.address dst-address-type=local dst-port=Your.Server.Port protocol=tcp to-addresses=Local.Server.IP
If your trying to access the server from your LAN/wifi, using the external website address, add the Hairpin NAT as well (don’t forget to edit & add your network/server/ISP info):
/ip firewall nat
add action=masquerade chain=srcnat comment=“Hairpin NAT” dst-address=Local.Server.IP out-interface-list=LAN protocol=tcp src-address=Local.LAN.Block
The dst-nat rule does not require dst-address-type=local.
2 The general hairpin nat rule that will cover all servers in a subnet, or if just one…one rule.
add action=masquerade chain=srcnat comment=“Hairpin NAT” **dst-address=**Local.ServerSubnet **src-address=**Local.ServerSubnet
Note: Hairpin Nat rule is required if you have users within the same subnet as the Server that required access to the Sever via the dyndns name/url ( and not the direct LANIP address of the server )