Dynamic Port Forwards - Multiple Internal Hosts

All,

How can I accomplish the following without a VPN?

Dynamic IP Address (Wan)<------------> Mikrotik Router<-----------> Lan Host #1 (TCP 80, UDP 123, UDP 124), Lan Host #2 (TCP 80, UDP 123, UDP 124), Lan Host #3 (TCP 80, UDP 123, UDP 124)

Issue:
A client coming in from the WAN interface is using a web browser. I understand that port 80 traffic can be translated to another port; however, the LAN-host-specific UDP traffic must also remain associated with the initial translation.

How do I do this?

Thanks!

Uh? Let’s start again. Please, explain in detail:

What do you have?
What do you want to have?
What's the correct way you want this working?

Thanks for the response.

My existing environment:
I am testing an OmniTik U-5Hnd.
I have 3 Ethernet devices, one is plugged into port 3, one in port 4 and the other into port 5.
Port 1 is used as a WAN port… dynamically assigned Internet address.

The 3 Ethernet devices are all using and require TCP Port 80 for web services, UDP port 1998 for Data Streaming, UDP port 1999 for Data Streaming.

Wish:
I would like to access all 3 devices from a remote (Internet) location using a single, dynamically assigned WAN address.

Ex: http://24.12.23.12 to access the first device (and its UDP stream), http://24.12.23.12:81 (and its UDP stream) for the second device, http://24.12.23.12:82 (and its UDP stream) for the third device.

Thanks!

Read about NAT in the wiki. Use action redirect.

Martin,

I do appreciate your responses and have attempted to use redirect; however, I am sorry, but I don’t understand how it can help.

I have 3 Ethernet devices that use the exact same ports. I only have 1 dynamically provided external IP address.

I can get 1 host working no problem… 1:1 NAT… easy stuff… it’s host 2 and 3 that don’t work properly. When I attempt to connect to host 2 or 3, they reuse the data stream ports (1998 and 1999) from host 1, therefore displaying the incorrect data.

Thanks.

To make ‘related’ connections across IP addresses you probably have to either use address-lists, or use mangling to mark the TCP connection and somehow tie the 2 additional UDP NAT rules to the initial TCP connection. I don’t know if it will happen quickly enough, but maybe; it depends on the sequence of events from your software.
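
The address-list approach from the last reply, sketched as RouterOS firewall rules. This is an added example, not configuration posted by anyone in the thread; the WAN interface name `ether1`, the LAN addresses 192.168.88.11-13 and the list names are assumptions, and it assumes the remote client sends the UDP 1998/1999 traffic inbound to the WAN address.

```routeros
# Added example. Assumptions: WAN is ether1; devices are 192.168.88.11-13 (constructed).
/ip firewall nat

# Step 1: record which device each remote client opened over TCP.
# add-src-to-address-list does not end rule processing, so the
# dst-nat rules in step 2 still see the same packet.
add chain=dstnat in-interface=ether1 protocol=tcp dst-port=80 \
    action=add-src-to-address-list address-list=dev1-clients \
    address-list-timeout=10m comment="client chose device 1"
add chain=dstnat in-interface=ether1 protocol=tcp dst-port=81 \
    action=add-src-to-address-list address-list=dev2-clients \
    address-list-timeout=10m comment="client chose device 2"
add chain=dstnat in-interface=ether1 protocol=tcp dst-port=82 \
    action=add-src-to-address-list address-list=dev3-clients \
    address-list-timeout=10m comment="client chose device 3"

# Step 2: forward WAN TCP 80/81/82 to port 80 on each device.
add chain=dstnat in-interface=ether1 protocol=tcp dst-port=80 \
    action=dst-nat to-addresses=192.168.88.11 to-ports=80
add chain=dstnat in-interface=ether1 protocol=tcp dst-port=81 \
    action=dst-nat to-addresses=192.168.88.12 to-ports=80
add chain=dstnat in-interface=ether1 protocol=tcp dst-port=82 \
    action=dst-nat to-addresses=192.168.88.13 to-ports=80

# Step 3: forward UDP 1998-1999 only for sources already on a list,
# and send it to the device that list belongs to. Sources on no list
# match none of these rules, so their UDP is not forwarded at all.
add chain=dstnat in-interface=ether1 protocol=udp dst-port=1998-1999 \
    src-address-list=dev1-clients action=dst-nat to-addresses=192.168.88.11
add chain=dstnat in-interface=ether1 protocol=udp dst-port=1998-1999 \
    src-address-list=dev2-clients action=dst-nat to-addresses=192.168.88.12
add chain=dstnat in-interface=ether1 protocol=udp dst-port=1998-1999 \
    src-address-list=dev3-clients action=dst-nat to-addresses=192.168.88.13
```

A source address that opens two devices within the list timeout sits on two lists, and the first matching UDP rule wins; the same applies to several remote users who share one public address. NAT rules are evaluated only for the first packet of a connection, so an existing UDP connection-tracking entry keeps pointing at its original device until it expires.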