Hello.
I have a local server in my home lan that is accessible from the internet through double dst-nat (main firwall for the entire village that nats a few ports to my mikrotik's WAN IP (already natted by the main firewall) that does another dst-nat to an internal server.

Topology is simple:
External IP on main firewall:PORT X --> Mikrotik wan IP:PORT X --> Local server: PORT X

Accessing this from the internet works fine.
In order to use the same configuration (It's a mobile app) from the internal network, I am trying to do a local dst-nat to take all traffic trying to reach "External IP" from my home LAN to be redirected to my local server instead

Here is what I tried:

Allow incoming traffic from the internet to access my local server (works fine)

chain=dstnat action=dst-nat to-addresses=192.168.1.5 to-ports=80 protocol=tcp in-interface=ether1-gateway dst-port=80

Trying to catch traffic going outside to the original real IP from my LAN and send it to the local server

chain=dstnat action=dst-nat to-addresses=192.168.1.5 to-ports=80 protocol=tcp dst-address=REAL-IP dst-port=80

This doesn't work. Any idea what am I missing?

Thanks.

OK, so I found the issue…
Apparently I had too many open windows so I tcpdumped in the wrong server

When I run it on the right server - I saw that the problem is that I am seeing the source ip and trying to reach it directly.
Adding a masquerade solved it:

chain=dstnat action=dst-nat to-addresses=192.168.1.5 protocol=tcp dst-address=MY_EXTERNAL_IP
chain=srcnat action=masquerade protocol=tcp src-address=192.168.1.0/24 dst-address=192.168.1.5