I recently bought a 951G mikrotik router and a separate modem to replace my crappy old all-in-one adsl modem/router/AP. So what I want to achieve for now is pretty simple straightforward.
I want to be able to connect to the internet. I have achieved that by connecting the modem to the WAN (ether1) port (ether1) and set a NAT rule with masquerade for the pppoe interface.
I want to be able to access all of my devices, including the modem’s page. I setup IP Adresses range to 192.168.1.0/24 and everything works fine except the modem’s page which I am unable to access (192.168.1.1). I suppose I’ll have to set the modem up to another subnet 192.168.2.1 for example and then create an IP → addresses entry for that.
I want to be able to access some of my devices from the internet. I have setup IP → Cloud and a cname from my domain name provider so I can access it from outside home. This one fails hard. I want to work with ssh on port 4114 and the internal IP is 192.168.1.14. So I followed the numerous guides on the internet about setting up a NAT rule as dstnat with the right ports/addresses and it doesn’t seem to work - I get Connection refused in my terminal. The device behind this ip is an ubuntu machine with sshd enabled at 4114 and bind to 0.0.0.0. This has been already tested and working with my previous crappy router.
Any ideas will be appreciated. Let me know what information should I provide in order to request a little help
Yes, you will need a separate network for your Mikrotik’s WAN interface → modem. The route should automatically be added on your Mikrotik.
Can you post your config for the dst-nat rules? Also, can you post what your firewall rules are? Also… If you are getting connection refused - 9/10 you are getting the refused message from your destination. If the Mikrotik was blocking this connection you would get a “timed out” error.
Since your connection is refused, I truly believe that your issue lies with your Ubuntu machine.
Thanks for your reply. How do you want me to post the config? Would a screenshot be ok or there’s a specific command I can run ?
Well I have tried all interfaces “bridge”, “ether1”, “ppoe-out”, “wlan1” etc. In one of them “bridge” I am getting Connection refused. In the rest of them I am getting “timed out”. I don’t know which one is the right one to set, as I want inbound access from the internet to my internal network’s computer port.
I also tried to access my router from outside with IP → Cloud service but I am unable to. It seems everything is blocked ? I can ping it successfully though.
Please let me know which commands should I execute in order to retrieve all information necessary to post here. Without this information I find it impossible to get help.
I finally believe I am close to a solution. I cannot access my internal IP address from inside, through outside. What?
I am trying to ssh to the IP Cloud address which ends to Mikrotik and then forwards to internal IP. If I do the same from another network (tried my phone’s LTE) it connects just fine. It seems like a routing issue ?
