If this has been covered under another topic, just point me there. 
Background:
I have an RB450, RouterOS 3.13 with three used LAN ports:
- WAN, public IP, DHCP assigned
- LAN, private IP, 192.168.1.0/24
- OPT, another private IP, 10.0.0.0/24
I want to bring in RDP to 192.168.1.20, and HTTP to 10.0.0.10. I thought I’d try the RDP first, so I put in a firewall rule:
chain=dstnat action=dst-nat to-addresses=192.168.1.20 to-ports=3389 in-interface=WAN dst-port=3389 protocol=tcp
but it just doesn’t seem to work. I can RDP into it internally from the LAN side. I have not tried it from the OPT port yet.
I have to be missing something simple. I can’t figure out what. Anyone know?