Myron
March 14, 2010, 12:50pm
1
hey guys need your help i have my internal nano station ip and it works perfect if i disable the default rules but the problem is if i enable cant redirect the traffic to nano ip heres my config
add action=dst-nat chain=dstnat comment=“station side nano” disabled=no dst-address=
in input chain
in default drop rules is place in the bottom
how can i pass the traffic even the default drop rules is enable
thanks
It doesnt go in the input chain, it is forwarding the traffic, so it goes in the forward chain.
Myron
March 15, 2010, 1:19am
3
thanks for response road but im accessing from outside
fewi
March 15, 2010, 1:39am
4
http://wiki.mikrotik.com/wiki/Manual:Packet_Flow
Destination NAT happens in prerouting. After that the packet’s destination address has been rewritten and it goes into the forward chain.
Change
add action=accept chain=input comment="nano allow" disabled=no protocol=tcp src-port=12345
to
add action=accept chain=forward comment="nano allow" disabled=no protocol=tcp src-port=12345
and make sure to put it above the deny all at the end.
Myron
March 15, 2010, 2:22am
5
fewi:
http://wiki.mikrotik.com/wiki/Manual:Packet_Flow
Destination NAT happens in prerouting. After that the packet’s destination address has been rewritten and it goes into the forward chain.
Change
add action=accept chain=input comment="nano allow" disabled=no protocol=tcp src-port=12345
to
add action=accept chain=forward comment="nano allow" disabled=no protocol=tcp src-port=12345
and make sure to put it above the deny all at the end.
fewi and road it works i really do appreciate ur help
regards
