Local Loopback

tbutcher · August 7, 2006, 2:52pm

I am having problems accessing my website using their URLs (http://www.mysite.com) from the internal LAN. Is it possible to setup a local loopback to fix the problem?

Tim

eflanery · August 7, 2006, 4:47pm

I don’t really see how a reachability problem would be fixed with a loopback, but you can create a pseudo-loopback with an empty bridge (that acts for all intents and purposes as a real loopback, aside from some extra resource consumption).

–Eric

tbutcher · August 7, 2006, 5:36pm

What is the best option to solve the problem then?

normis · August 8, 2006, 6:06am

why do you think that the router is at fault? reachability problems can be caused by anything, bad cable or server problem. a loopback doesn’t have anything to do with browsing and reachability, maybe you mean something else?

changeip · August 8, 2006, 6:17am

i think he’s trying for a nat-on-a-stick config - this is what cisco calls it. Basically he wants to use the public ip on the inside, go out and back in again - which just takes a few nat rules to make it work.

tbutcher · August 8, 2006, 7:38am

Yes, that is what I am trying to do. How can it be done with Mikrotik?

Thanks

Tim

changeip · August 8, 2006, 2:57pm

If you’re on the same interface as the server (LAN?) then you need to dst-nat to that machine from the LAN interface …

Sam

tbutcher · August 8, 2006, 7:32pm

Ok, can you give me an example?

changeip · August 8, 2006, 7:38pm

add chain=dstnat in-interface=0-inside dst-address=ex.ter.nal.ip protocol=tcp
dst-port=80 action=dst-nat to-addresses=in.ter.nal.ip to-ports=0-65535
comment=“” disabled=no

I am not using this setup, but something similiar to the above should work. You are basically saying when a packet goes to the public IP:80 and its coming from internal, then dst-nat it to the internal ip.

Sam

macgaiver · August 9, 2006, 12:34pm

maybe i am misssing something, but i think the static DNS cache entry will help, just assosiate your local website name to the local IP of the site

changeip · August 9, 2006, 3:13pm

That works well if your using MT dns cache from internally.

Sam

tbutcher · August 9, 2006, 6:39pm

Yeah we are using Windows Server for our dns so that is not possible. I tried the fix above but it didn’t work.

Tim

tbutcher · August 21, 2006, 3:45pm

I am still stuck with this one, the above didn’t work.

Tim

westcoaststyle · August 24, 2006, 7:50pm

I have the exact same issue. I can reach my web server from an external source (home computer), but am not able to reach the same web server from within the network after replacing my Netgear VPN router with a freshly installed MikroTik firewall/router. I have a dstnat setup almost exactly as published above and can route traffic to any IP including the MikroTik router at 192.168.168.1, but I can’t seem to reach any other IP’s/machines on the network from within the network on port 80. I’m stumped!

westcoaststyle · August 24, 2006, 8:15pm

I found the solution through a few posts/links, thank goodness.

This worked for me:

Found in this thread: http://forum.mikrotik.com//viewtopic.php?t=5509&highlight=

hih