I have network diagram as below.
I can access web server from WAN, but not from LAN.
I need similar solution as explained here https://wiki.mikrotik.com/wiki/Hairpin_NAT , however my network diagram is different and I need different solution.
So far my configuration is very basic:
[user@mikrotik] > ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK INTERFACE
0 ;;; WAN
192.168.8.254/24 192.168.8.0 ether1
1 ;;; LAN
192.168.0.254/24 192.168.0.0 bridge
[user@mikrotik] >
[user@mikrotik] > ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; defconf: masquerade
chain=srcnat action=masquerade out-interface-list=WAN ipsec-policy=out,none
1 ;;; HTTP port forwarding to 192.168.0.1
chain=dstnat action=dst-nat to-addresses=192.168.0.1 to-ports=80 protocol=tcp dst-address=192.168.8.254 dst-port=80 log=no log-prefix=""
[user@mikrotik] >
[user@mikrotik] > ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 A S ;;; default route
0.0.0.0/0 192.168.8.1 1
1 ADC 192.168.0.0/24 192.168.0.254 bridge 0
2 ADC 192.168.8.0/24 192.168.8.254 ether1 0
[user@mikrotik] >
Could you suggest missing NAT rules, so that web server could be accessible from LAN?