Hello,
I’m totally new in this forum and don’t know very much good about Mikrotik. Just know some basic themes about this.
I have a fixed 2 mbps IP (114.130.8.xx) from my ISP which i have to connect with PPPoE.. I have a 24/7 Gaming server, which is actually use for some online games and TS conferencing.. The server is in my home.. right now i am using a 1mbps connection for my pc and laptop which is connected via my noob build mikrotik and another 2mbps connection is for my server pc.. but i have the opportunity from my ISP to take a 5 mbps connection with the same price, now i am paying formy pc and the server both… I want to use 5mbps the connection via mikrotik for my laptop , desktop and and my server pc.. but the problem is that when i put the PPPoE username to the mikrotik and give a private ip to the server, then it can’t be visible.. no one can’t connect to my server or i can’t remote the server outside my network because of the fake ip.. there is a block between the WAN and LAN networking.
Now my question, is there any way to make a mikrotik rules that can make the permission to visible the private ip address as a public ip and people can join or remote my server outside my network.. If yes, could anyone suggest me, what i have to do then or where can i find the article about my problem…
I’m waiting for your valuable Reply…Thank You…
Assume your server is 10.0.0.1, and your ISP Public IP is 64.64.64.100. The following rule would NAT the public to the private.
/ip firewall nat
add action=dst-nat chain=dstnat comment=“Gaming Server In” disabled=no dst-address=64.64.64.100 to-addresses=10.0.0.1
add action=src-nat chain=srcnat comment=“Gaming Server Out” disabled=no src-address=10.0.0.1 to-addresses=64.64.64.100
This will forward all traffic coming in to the Public IP through to the server and make sure all traffic from the server gets translated to the Public IP.
Obviously you will need to change the IP’s and interface names as needed, then paste into the MikroTik CLI.
Thanx a lot scotthammersley.. It works quietly. But still i am getting a problem. My WAN connection connected through over PPPoE. And the IP change dynamically once or twice a month… Can i use my WAN Interface, that can automatically find the new Public IP address and forward as it is doing. I mean, in ur written command line, " dst-address = XXX.XXX.XXX.XXX " … but i want to set it as a Wan Interface. Is it possible ??.. If yes, how can i do that ??..Could you plz help me …
You should be accomplish this by using two different actions; Masquerade for outbound and netmap for inbound. I think masquerade would be the only way to do srcnat with a dynamic IP (Without doing more complicated scripting… Keeping it simple.)
/ip firewall nat
add action=masquerade chain=srcnat comment="Server Out" out-interface=PPPOE-Name src-address=10.0.0.1
add action=netmap chain=dstnat comment="Server In" in-interface=PPPOE-Name to-address=10.0.0.1
Give it a try, just be sure to place them at the top of your NAT list. Oh, also be sure to change your interface names where applicable.
thanks a lot lordkappa… It works supperb… but after making the rules, my PPTP server is crashing.. When i tried to connect other pcs over PPtp or VPN client it shows ‘800 Error’ … Maybe all of my ports are redirecting to my Gaming Server PC … So how can i select my specific ports in the same rules?? .. because your given config is working very well, but only if i can select my specific ports for my server pc, i think my pptp server works well properly and i can configure another rules for my another server pc in future… 
The 2 rules I suggested will only link one external PPPoE interface directly to one internal IP; all ports (Essentially, a DMZ.) If you’re asking how you can select which ports are mapped, you can use protocol=<tcp/udp> dst-port= in your original IN->NAT rule. e.g.
add action=netmap chain=dstnat in-interface=<interface> to-addresses=<server ip> protocol=<tcp/udp> dst-port=<ports>
This would NAT only the specified ports, and specified protocol. Please note that you can specify multiple ports in the same rule (eg dst-ports=21,80-88,443.)
You may have to make several rules, depending on how many ports / how many protocols you need forwarded.