Help: Setting Web Server using NAT

d4n13l · June 11, 2004, 8:36am

I use mikrotik router OS 2.8.9. Internet IP Gateway is 202.148.1.145/29, and Mikrotik router IP is 202.148.1.146/29. Local IP address is 192.168.0.0/24.

Currently I want to publish my local server as web server IP 192.168.0.5 using NAT with IP public 202.148.1.147

I do the followong step :
/ip address add address=202.148.1.146/29 interface=Public
/ip address add address=202.148.1.147/29 interface=Public
/ip address add address=192.168.0.1/24 interface=Local

/ip route add gateway=202.148.1.145 preferred-source=202.148.1.146
/ip firewall src-nat add action=masquerade out-interface=Public

Until here, when I browse 202.148.1.147 with IE, the browser is show winbox. then i add the route below:

/ip firewall dst-nat add dst-address=202.148.1.147/32 action=nat
... to-dst-address=192.168.0.5

after the command, when I browse 202.148.1.147. nothing is happend, the page is unavailable. I check the IP 202.148.1.147 and no port 80 is open.

What is to fix my proble? So, i can publis my local ip 192.168.0.5 using NAT? or maybe in the future I need to publis another local servers?

Thak’s in advanced[/url][/list]

butche · June 11, 2004, 2:14pm

/ip firewall dst-nat add dst-address=202.148.1.147/32 action=nat
... to-dst-address=192.168.0.5

Just a couple suggestions…
Try the following line:

/ip firewall dst-nat
add dst-address=208.148.1.147/32:80 action=nat
to-dst-address=192.168.0.5 to-dst-port=80

That way, you are only natting port 80

Also, make certain that the gateway on the machine at 192.168.0.5 points to your local gateway address (192.168.0.1).

Are you doing any other firewall rules that may be blocking this traffic?

d4n13l · June 12, 2004, 7:08am

[color=blue]/ip firewall dst-nat
add dst-address=208.148.1.147/32:80 action=nat
to-dst-address=192.168.0.5 to-dst-port=80

That way, you are only natting port 80[/color]

Thank’s buthce,

I am already do that. But the problem is still happen,
The page is unavailable is I try to browse 202148.1.147. I check the IP 202.148.1.147 and no port 80 is open.

Any suggestion how to fix my problem so i can browse my local web server as public web server?

Thank’s in advanced…

yancho · June 12, 2004, 7:41pm

Add source - nat rule:
dst-address=192.168.0.5/32:80 protocol=tcp action=nat to-src-address=192.168.0.1/32

d4n13l · June 14, 2004, 2:06am

Ok, everybody, thank’s a lot for your help. Is working now, the problem is I forgot to add default gateway on my local web server.

thank’s