I’m running in to a problem when trying to simply open ports for Uber Conference. I have filter rules in place for all of the ports/protocols they use, but when I test the ports from the public side, the ports come back as closed. I’m not sure what I’m missing here. We have a few members that use this service, so I can’t just NAT to one specific IP address. I also have UPnP active on the WAN port.
If you’re trying to allow traffic from wan to lan side,
I believe you should go to “ip firewall nat”:
add chain=dstnat protocol=tcp dst-port=6800 action=dst-nat to-addresses=INTERNAL_IP_WITH_SAID_SERVICES to-ports=6800 comment=“” disabled=no
This router is in an environment that has members that come and go. It isn’t just 1 device that uses this service. I need the ports to be open for the entire LAN, and let UPnP do it’s thing. Is this possible with RouterOS, or do I need to put together an address list with the IP’s (and make them static of course) of the devices that need access to this service? Or can I NAT the service ports to the whole LAN just by using the base IP for the interface? (happens to be 172.20.32.1)
Even then, why can’t I see that those ports are open? Is the rule not correct for simply opening ports in the firewall?
You have created firewall rules to accept the ports specified but that isn’t a port forward. That is just opening the firewall ports. Create some dst-nat rules as well and you will be good to go.
For UPNP, turn it on under IP > UPNP
Looks like Uber conference uses SIP/VoIP. There is no port forwarding to setup for that.
Uber conference website says to disable SIP ALG. I’d first try it with it enabled… Then try turning it off with UPNP enabled.