NAT Loopback / DNS

RouterOS Beginner Basics
1

Ok, so I have a NAS I have set up for access over the internet. xx.synology.me

Problem is, I can’t use that same address to access the unit from within the same LAN.

I’ve gone into ip>firewall and added src/dest 192.168.88.0/24 for both accept, and masquerade (wasn’t clear which to use) and I still can’t load into my NAS. Originally, it was connecting to the router login, but I changed the www port to 88 to avoid this. Now it just doesn’t load.

I’ve also tried setting up DNS on the router via IP>DNS>Static. Name: xx.synology.me address:192.168.88.248. And get the same result.


Where do I go from here? Please explain in great detail how to do something. I’m new to the mikrotik ecosystem

2

You need hairpin NAT.

3

Indeed Hairpin NAT or a proper DNS configuration. Wonder what services on the NAS you would like to publish to the Internet. There might be a better way.

4

Not sure what to do with the wiki article. How do I make it work for me, though?

Remote access when I'm offsite, plus remote access for friends

5

Read, understand and implement. What more do you expect from us if we know nothing about your current config.

6

you have two choices,
One move the NAS to a different subnet then your users and then all will be able to access the NAS with normal rules sets.
If not then you have to make an additional source nat rules and potentially depending upon config adjust the dst nat rules.

Use the search top right to look for other hairpin nat discussions… all answers are contained, spoon down…

7

At this point, I’m honestly about to box the thing up and return it. Got this unit on internet recommendations since I wasn’t happy with my tp-link unit. But this? It’s been a headache the whole way. Spent hours trying to get this thing working. Always met with the same answer… Go read.. Like, dude, how much time is reasonable trying to get a simple nat hairpin rule to work? Been at it for a cumulative 6 hours now.

8

Had a moment of pretty intense frustration… Cooled down now.

So, I’m new to this sort of borderline enterprise class hardware. My previous unit, TP link, essentially just had a tick box for enabling NAT hairpin.

So coming from that, I appreciate the advice to read and learn. I’m trying. But I find I’m at a point where I’m not sure what to even search to get the results I want. Lot of nomenclature in the software goes over my head (for now).

Realistically, I think trying to set up for NAT Hairpinning is the most appropriate. I just don’t know how to get there. Setting a masquerade rule for 192.168.88.1/24 didn’t yield the expected results, so I need some direction on where to go from here.

9

Where I am at now:

Works fine on WiFi. Can go to xx.synology.me from within my network, everything loads in fine.

Connected to ethernet though, that doesn’t work.

Been poking around but can’t determine what my next steps are

10

The best way is to read and understand the linked article, and then everything will be clear and simple. But you can always “cheat”, post your config and we’ll tell you what’s wrong with it.

/export hide-sensitive file=myconfig

Then look for file myconfig.rsc and post its content in code tags.