NAT question

Shirenzo · July 23, 2023, 12:19pm

Hello,

I got a question.
The following configuration i have:

Basic WAN IP 100.100.100.100
Basic Firewalls setup (From quick setup)

A LAN subnet with a bridge: 10.10.10.0/24
A server with the IP: 10.10.10.100/24

The server 10.10.10.100 is sending SMTP traffic to port 25 to IP 100.100.100.100 from within the network.
I created a DST-NT with the config:

/ip firewall nat add chain=dstnat action=dst-nat dst-address=100.100.100.100 src-address=10.10.10.100 dst-port=25 to-addresses=10.10.10.100 protocol=tcp

But this is not working.

In testing everything including sending traffic from within the lan 10.10.10.0/24 to the ip 100.100.100.100 but it is not sending the traffic to 10.10.10.100 on port 25.

What am i doing wrong?

Shirenzo

wiseroute · July 23, 2023, 2:01pm

hello shirenzo,

/ip firewall nat add chain=dstnat action=dst-nat dst-address=100.100.100.100 src-address=10.10.10.100 dst-port=25 to-addresses=10.10.10.100 protocol=tcp

you don’t need that src-addr.

and specify which interface should listen for the incoming traffic to be translated.