HELP OPEN PORT 30000-33000

RouterOS Beginner Basics
1

Dear forum users!! please help us understand the problem!!
MIKROTIK RBD52G-5HACD2HND-TC
I try to open ports , single, and range, actually, I have two questions

  1. how to open a range of PORTS from an external network to a local network (to the server)
  2. why when I open port 8444-check-writes that it is open, and when I open port 30000 using the same settings-it does not open?
  1. TCP 80-HTTP if you install apache for testing on the same server.
  2. TCP 8080 — Websockets
  3. TCP 8443 — Secure Websockets
  4. TCP 8081-HTTP interfaces
  5. TCP 8444 — HTTPS interfaces
  6. UDP, TCP [30000-31000] - SIP ports
  7. UDP [31000-32000] — RTP, SRTP, ICE, TLS, TCP ports used including in WebRTC – here is the list of ports that I need to open
2

If you need range of ports, just enter it as such, i.e. dst-port=30000-31000.

And if the port should show as open, not only it must pass through router, but target device must actually listen on it. Which will happen for correctly configured webserver, but not necessarily for range of ports that may be used by application as needed, but it won’t necessarily listen on all of them all the time.

3

Thank you for your answer friend
did I understand you correctly- the port must be open in 1) the router Firewall 2) the operating system firewall - for correct operation? windows 10 - firewall and firewall are disabled completely
and did I understand correctly that ports can be opened, but if they are not used, they can be displayed as closed? I check through a third-party site
and still, I attach a photo, please tell me whether these parameters mean that my port is open?
THANK YOU

also, how do I make sure that the port is open?

4

It’s better to post exported config, images don’t show everything. But in this case, dst-address=192.168.88.1 for first two rules is wrong (unless you’re really looking for packets having 192.168.88.1 as original destination).

About port status, if they should be open, no firewall anywhere must block them, obviously. Then:

a) Tcp will be open when there’s something listening on it and accepting connections (running webserver for example) or closed when it’s not. If it’s blocked by firewall, it will show as filtered.
a) Udp will be open when there’s something listening on it, accepting packets, and it sends something back. If nothing is listening, it will be closed. If it’s blocked by firewall, it will show as filtered. But you won’t be able to tell filtered from open, if it doesn’t send anything back, because unlike tcp, udp doesn’t have connections, so there’s no confirmation if packet was received or not.

5

post your config, to shorten up the time to resolutions.]
In general you only need one firewall forward filter rule to allow port forwarding (built into default rules)
For each server you will need a destination nat rule.