NAT 1:1 VPS

wispmikrotik · March 26, 2018, 6:19pm

Hi,

I am trying to configure a public ip from a VPS to my office router. Redirect the traffic of an IP Public X.X.86.175 through a VPN to the mikrotik of my office without success.

VPS:

IP Public: X.X.86.175
IP VPN to Office: 10.8.8.1

Office:

IP VPN to VPS: 10.8.8.2

What I want is that a client from the Internet 45.134.X.X accesses the mikrotik of my office through the Public IP of the VPS:

Client: 45.134.X.X → X.X.86.175:80 netmap 10.8.8.2:80

VPS:

Routes:

[wisp@MikroTik] > ip route print 
Flags: X - disabled, A - active, D - dynamic, 
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADS  0.0.0.0/0                          X.X.0.1                1
 1 ADC  10.10.20.0/20       10.10.20.4       ether2                    0
 2 ADC  10.8.8.2/32        10.8.8.1        <l2tp>           0
 3 ADC   X.X.0.0/23      X.X.1.70     ether1                    0
 4 ADC  X.X.86.175/32  X.X.86.175  ether1                    0

Netmap:

[wisp@MikroTik] > ip firewall nat print 
Flags: X - disabled, I - invalid, D - dynamic 
 0    chain=dstnat action=netmap to-addresses=10.8.8.2 dst-address=X.X.86.175 log=no log-prefix="" 
 1    chain=srcnat action=netmap to-addresses=X.X.86.175 src-address=10.8.8.2 log=no log-prefix=""

The traffic arrives at the office router but the connection is not established.

Regards.

sindy · March 27, 2018, 8:37pm

How do you know that the traffic arrives to the office Mikrotik, and what does ****

/ip service print

say there?
Other than that, as the office Mikrotik has a default route which is unlikely to be 10.8.8.1, what happens if you add a route towards the client there via 10.8.8.1:

/ip route add address=45.134.X.X/32 gateway=10.8.8.1

?