Forwarding an internal IP address to an external IP address

marekso · August 4, 2015, 3:15pm

Hi MikroTik Folks,

I’ve got a device (10.10.10.20) on my internal network outputting UDP data to a known IP address on the network (10.10.10.11:30000). I’d like to forward this data to a machine outside of my network (192.168.1.40:30000).

Is there a way to configure a CRS to forward a UDP stream to an external IP address?

I tried creating a destination NAT from my internal (NATted) network to the outside world, but the CRS dst-nat rule never logged any packets. My hunch is that because the destination IP address (10.10.10.11) is on the internal network, the CRS switched the packets instead of routing and then forwarding them. Is there some way around this?

Thanks!

lordkappa · August 5, 2015, 7:04am

No, there isn’t.

The router can’t redirect traffic it doesn’t receive. A PC will only send traffic to the default gateway if the destination IP isn’t in its own local subnet. You can check your PC’s local routing table to see why this makes sense; your local subnet will show up as a separate routing entry, marked as directly connected.

Example output on linux

~$ ip route list
default via 192.168.1.1 dev eth0  proto static 
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.2

Example output on windows

C:/> route print
<---snip------>
Network Destination        Netmask          	Gateway       Interface 	 	Metric
          0.0.0.0			0.0.0.0           192.168.1.1    192.168.1.2         10
         192.168.1.0		255.255.255.0  	On-link         192.168.1.2  		266
<----snip---->

marrold · August 5, 2015, 10:50am

You could possibly add a ‘dummy’ IP on the Router that forwards all traffic to the target machine on the LAN except that traffic you wish to forward externally, but this will be somewhat hacky.

lordkappa · August 5, 2015, 8:13pm

If you were willing to be that hacky, you wouldn’t even need the dummy IP.

Just point your client to the router’s IP and nat anything coming into that port. I just assumed marekso wanted the whole process to be transparent to the client.

abdulla · August 9, 2015, 7:02pm

Please help me in this:

I am having a problem with port forwarding over 2 wan, here is my setup:

WAN 1 (10.0.1.2) - Gateway: 10.0.1.1
WAN 2 (10.0.2.2) - Gateway: 10.0.2.1
Local (192.168.1.1)

I am planning to put port forwarder to 192.168.1.5 which is:
ip firewall nat add action=dst-nat chain=dstnat disabled=no dst-address=10.0.1.2 to-addresses=192.168.1.5
ip firewall nat add action=dst-nat chain=dstnat disabled=no dst-address=10.0.2.2 to-addresses=192.168.1.5

It is totally working if the default route route is 10.0.1.1, while the other wan it will not work, but if I change the WAN to 10.0.2.1, the port forwarding will work on WAN2 but the WAN 1 will not work.

How I can get both to be port forwarding to 192.168.1.5 whatever the default route are.

Abdulla