Hi everyone,
I would like to create a port forwarding (From my external IP (ISP) to my internal network)
I read this page https://wiki.mikrotik.com/wiki/Manual:Initial_Configuration#Static_configuration
So this bring two questions :
“what it’s the little checkbox in front of the IP”
it means “NOT”, so basically you say “not any source”
Thank you @vilpalu
so 0.0.0.0 by default in ROS many any IP correct ?
But If I let that as □ 0.0.0.0 (unchecked) it mean that all IP incoming dst IP will be accepted. how can I define the current ISP IP ?
Mainly, 172.16.88.67 is not public address. So unless you are sure that ISP gives you one (could be done with NAT 1:1 or something where the real address would be on their router), there will be no port forwarding or any other access from internet to you.
On my dstnat (port forwarding rule) I used in-interface-list=WAN (since I have dual wan), if I had a single wan it would have been in-interface=wan.
Note, if you know the limited WANIPs external that need access to your server then you could add them to an address list
and they would be under source-address-list=“authorized_server_access”
What is also required is a firewall forward chain rule.
Basically states allow new connections and new-connection-dstnat connections from your wan interface (or wan interface list if dual).