Help with port forwarding

Hello. I’m trying to setup port forwarding for the camera system we are using and have tried various things but to no avail.

I’m thinking something in the firewall rules is where I’m messing up but am a total noob when it comes to that.

Would be grateful if anyone could point me in the right direction?

> /ip address print detail              
Flags: X - disabled, I - invalid, D - dynamic 
 0   ;;; Air2Data LAN IP
     address=192.168.100.1/24 network=192.168.100.0 broadcast=192.168.100.255 
     interface=ether2 actual-interface=ether2 
 1   address=192.168.99.1/24 network=192.168.99.0 broadcast=192.168.99.255 
     interface=ether3 actual-interface=ether3 
 2 D address=192.168.254.1/24 network=192.168.254.0 broadcast=192.168.254.255 
     interface=ether1 actual-interface=ether1

> /ip route print detail
Flags: X - disabled, A - active, D - dynamic, 
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 0 ADS  dst-address=0.0.0.0/0 gateway=192.168.254.254 
        gateway-status=192.168.254.254 reachable ether1 distance=0 scope=30 
        target-scope=10 
 1   S  dst-address=0.0.0.0/0 gateway=192.168.254.254 
        gateway-status=192.168.254.254 reachable ether1 distance=1 scope=30 
        target-scope=10 
 2 ADC  dst-address=192.168.99.0/24 pref-src=192.168.99.1 gateway=ether3 
        gateway-status=ether3 reachable distance=0 scope=10 
 3 ADC  dst-address=192.168.100.0/24 pref-src=192.168.100.1 gateway=ether2 
        gateway-status=ether2 reachable distance=0 scope=10 
 4 ADC  dst-address=192.168.254.0/24 pref-src=192.168.254.1 gateway=ether1 
        gateway-status=ether1 reachable distance=0 scope=10

> /ip firewall export
# jun/26/2012 16:37:28 by RouterOS 4.11
# software id = 104L-TQMS
#
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s tcp-close-
wait-timeout=10s \
    tcp-established-timeout=1d tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s tcp-
syn-received-timeout=5s \
    tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s udp-stream-
timeout=3m udp-timeout=10s
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" 
disabled=yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" 
disabled=yes
add action=masquerade chain=srcnat comment="" disabled=no
[b]add action=dst-nat chain=dstnat comment="GV800 - HTTP" disabled=no dst-
address=192.168.254.1 dst-port=60001 \
    protocol=tcp to-addresses=192.168.99.51 to-ports=60001
add action=dst-nat chain=dstnat comment="GV800 - Command" disabled=no dst-
address=192.168.254.1 dst-port=\
    60002 protocol=tcp to-addresses=192.168.99.51 to-ports=60002
add action=dst-nat chain=dstnat comment="GV800 - Data" disabled=no dst-
address=192.168.254.1 dst-port=60003 \
    protocol=tcp to-addresses=192.168.99.51 to-ports=60003
add action=dst-nat chain=dstnat comment="GV800 - Audio" disabled=no dst-
address=192.168.254.1 dst-port=60004 \
    protocol=tcp to-addresses=192.168.99.51 to-ports=60004
add action=dst-nat chain=dstnat comment="GV800 - RPB Server" disabled=no dst-
address=192.168.254.1 dst-port=\
    5066 protocol=tcp to-addresses=192.168.99.51 to-ports=5066[/b]
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no

Does the camera at 192.168.99.51 have its gateway set to the router on 192.168.99.1?

Yes. The setup, looking in from the internet, is:

Internet > DSL Modem > Microtik router > DVR (PC based)

Ports 60001 - 60004 have been forwarded on the DSL Modem to the router. The same ports have been forwarded on the Microtik to the DVR.

Is a rule upstream of the port forwarding rules preventing the ports from being opened?

Anyone?

Would appreciate any help!

Thanks.