I’m having problems getting DST-NAT to work on a RB532 running 2.9.20. The public IP is set to the bridge which bridges ether2 and ether3. The private network is on ether1. Any idea why I can’t reach the web interface on the private address? The addresses are pingable and I can get to the web port on the private address using telnet from the router.
[admin@RB532] ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=dstnat in-interface=bridge1 dst-address=65.XX.XX.188 protocol=tcp
dst-port=8088 action=dst-nat to-addresses=169.254.1.1 to-ports=80
[admin@RB532] > ip addr print
Flags: X - disabled, I - invalid, D - dynamic
ADDRESS NETWORK BROADCAST INTERFACE
1 65.XX.XX.188/25 65.XX.XX.128 65.XX.XX.255 bridge1
4 169.254.1.99/16 169.254.0.0 169.254.255.255 ether1