NAT Port forward issue

RouterOS Beginner Basics
1

Hi,

I’m new to router OS but i have had it for awhile and successfully used it with a basic PPPoE NAT setup. so i’ve followed this setup guide to get it going with the new ISP’s settings. They use a DHCP setup not PPPoE. I have internet and everything works fine except the port forwarding and i think it may be in the firewall settings?

Here is the guide i followed:

https://help.mikrotik.com/docs/spaces/ROS/pages/328151/First+Time+Configuration#FirstTimeConfiguration-ProtectingtheRouter

I currently have these settings in the firewall:

/ip firewall filter
add chain=forward action=fasttrack-connection connection-state=established,related
comment=“fast-track for established,related”;
add chain=forward action=accept connection-state=established,related
comment=“accept established,related”;
add chain=forward action=drop connection-state=invalid
add chain=forward action=drop connection-state=new connection-nat-state=!dstnat
in-interface=ether1 comment=“drop access to clients behind NAT from WAN”

i’ve also added this to the NAT:

/ip firewall nat
add chain=srcnat out-interface=ether1 action=masquerade

The internet runs on ether1(labelled as WAN) and the DHCP server for the LAN on ether5.

any help would be great. cheers

2

What exactly is your problem?
Access to systems inside your LAN is not possible, is that yours?
If so I can´t see any dst-nat rules in your config, like this one:

add action=dst-nat chain=dstnat comment="Allow HTTPS (443)" \
    dst-address-type=local dst-port=443 in-interface-list=public protocol=tcp \
    to-addresses=192.168.1.1 to-ports=443

Replace the IP with “your” IP and the in-interface-list with the name of your WAN-interface list and of course the port :wink: