Hi all.
I need to access a server on my inside network via the internet. I use an RB750.
The first port is connected to a wireless modem using PPPoE and NAT.
All is working great.
I've done the following setup by using NAT-DEST...
Any traffic coming in on port 22 gets re-directed to the server's actual IP on the inside network on port 22.
But it doesn't work, the access gets refused.
Could anyone please suggest what the problem might be?
Below is my configuration on the RB750...
[admin@MikroTik] > /ip firewall filter print
Flags: X - disabled, I - invalid, D - dynamic
0 X ;;; default configuration
chain=input action=accept protocol=icmp
1 ;;; Drop Invalid connections
chain=input action=drop connection-state=invalid
2 ;;; Allow Established connections
chain=input action=accept connection-state=established
3 ;;; Allow UDP
chain=input action=accept protocol=udp
4 ;;; Allow ICMP
chain=input action=accept protocol=icmp
5 ;;; Allow access to router from known network
chain=input action=accept src-address=192.168.1.0/24
6 ;;; Allow access to router from known network
chain=input action=accept src-address=192.168.0.0/24
7 X ;;; Drop anything else
chain=input action=drop
8 X ;;; drop invalid connections
chain=forward action=drop connection-state=invalid protocol=tcp
9 ;;; allow already established connections
chain=forward action=accept connection-state=established
10 ;;; allow related connections
chain=forward action=accept connection-state=related
11 X chain=forward action=drop src-address=0.0.0.0/8
12 X chain=forward action=drop dst-address=0.0.0.0/8
13 chain=forward action=drop src-address=127.0.0.0/8
14 chain=forward action=drop dst-address=127.0.0.0/8
15 chain=forward action=drop src-address=224.0.0.0/3
16 chain=forward action=drop dst-address=224.0.0.0/3
17 X chain=forward action=jump jump-target=tcp protocol=tcp
18 X chain=forward action=jump jump-target=udp protocol=udp
19 X chain=forward action=jump jump-target=icmp protocol=icmp
20 ;;; deny TFTP
chain=tcp action=drop protocol=tcp dst-port=69
21 ;;; deny RPC portmapper
chain=tcp action=drop protocol=tcp dst-port=111
22 ;;; deny RPC portmapper
chain=tcp action=drop protocol=tcp dst-port=135
23 ;;; deny NBT
chain=tcp action=drop protocol=tcp dst-port=137-139
24 ;;; deny cifs
chain=tcp action=drop protocol=tcp dst-port=445
25 ;;; deny NFS
chain=tcp action=drop protocol=tcp dst-port=2049
26 ;;; deny NetBus
chain=tcp action=drop protocol=tcp dst-port=12345-12346
27 ;;; deny NetBus
chain=tcp action=drop protocol=tcp dst-port=20034
28 ;;; deny BackOriffice
chain=tcp action=drop protocol=tcp dst-port=3133
29 ;;; deny DHCP
chain=tcp action=drop protocol=tcp dst-port=67-68
30 ;;; deny TFTP
chain=udp action=drop protocol=udp dst-port=69
31 ;;; deny PRC portmapper
chain=udp action=drop protocol=udp dst-port=111
32 ;;; deny PRC portmapper
chain=udp action=drop protocol=udp dst-port=135
33 ;;; deny NBT
chain=udp action=drop protocol=udp dst-port=137-139
34 ;;; deny NFS
chain=udp action=drop protocol=udp dst-port=2049
35 ;;; deny BackOriffice
chain=udp action=drop protocol=udp dst-port=3133
36 ;;; drop invalid connections
chain=icmp action=accept protocol=icmp icmp-options=0:0
37 ;;; allow established connections
chain=icmp action=accept protocol=icmp icmp-options=3:0
38 ;;; allow already established connections
chain=icmp action=accept protocol=icmp icmp-options=3:1
39 ;;; allow source quench
chain=icmp action=accept protocol=icmp icmp-options=4:0
40 ;;; allow echo request
chain=icmp action=accept protocol=icmp icmp-options=8:0
41 ;;; allow time exceed
chain=icmp action=accept protocol=icmp icmp-options=11:0
42 ;;; allow parameter bad
chain=icmp action=accept protocol=icmp icmp-options=12:0
43 ;;; deny all other types
chain=icmp action=drop
[admin@MikroTik] >
[admin@MikroTik] > /interface print
Flags: D - dynamic, X - disabled, R - running, S - slave
NAME TYPE MTU L2MTU
0 R ether1-gateway ether 1500 1526
1 R ether2-master ether 1500 1524
2 R ether3-local ether 1500 1524
5 R pppoe-mweb pppoe-out 1392
[admin@MikroTik] >
[admin@MikroTik] > /ip firewall mangle print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=forward action=change-mss new-mss=1350 tcp-flags=syn protocol=tcp
[admin@MikroTik] >
[admin@MikroTik] > /ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=masquerade out-interface=pppoe-mweb
1 ;;; pabx-ssh
chain=dstnat action=dst-nat to-addresses=192.168.1.42 to-ports=22
protocol=tcp in-interface=ether1-gateway dst-port=22
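
A consistency check over the NAT table above, added here as an example and not part of the original post: on a PPPoE uplink, routed packets arrive on the pppoe-out interface rather than on the Ethernet port that carries the session, so a dst-nat rule would normally name the same interface the masquerade rule uses. The function names and the parsing approach are assumptions of this example; the rule text is copied from the post.

```python
import re

# NAT table copied from the "/ip firewall nat print" output in the post.
NAT_PRINT = """\
0 chain=srcnat action=masquerade out-interface=pppoe-mweb
1 ;;; pabx-ssh
chain=dstnat action=dst-nat to-addresses=192.168.1.42 to-ports=22
protocol=tcp in-interface=ether1-gateway dst-port=22
"""

def parse_rules(text):
    """Split RouterOS 'print' output into one dict of key=value pairs per rule."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        m = re.match(r"^(\d+)\s+(?:([XID])\s+)?(.*)$", line)
        if m:  # a leading rule number starts a new rule
            rules.append({"id": int(m.group(1)), "disabled": m.group(2) == "X"})
            line = m.group(3)
        if not rules:
            continue  # header lines before the first rule
        if line.startswith(";;;"):
            rules[-1]["comment"] = line[3:].strip()
            continue
        # Continuation lines carry more key=value pairs for the current rule.
        rules[-1].update(kv.split("=", 1) for kv in line.split() if "=" in kv)
    return rules

def wan_mismatches(rules):
    """Return enabled dst-nat rules whose in-interface is not a masquerade out-interface."""
    wan = {r["out-interface"] for r in rules
           if r.get("action") == "masquerade" and not r["disabled"]
           and "out-interface" in r}
    if not wan:
        return []  # no masquerade rule to compare against
    return [(r["id"], r.get("comment", ""), r["in-interface"], sorted(wan))
            for r in rules
            if r.get("action") == "dst-nat" and not r["disabled"]
            and "in-interface" in r and r["in-interface"] not in wan]

if __name__ == "__main__":
    for rule_id, comment, iface, wan in wan_mismatches(parse_rules(NAT_PRINT)):
        print(f"rule {rule_id} ({comment}): in-interface={iface}, "
              f"but masquerade leaves via {', '.join(wan)}")
```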