Yes I do know this is insecure, but I would like to know how to do it. I have a specific usage case where I have a bunch of PLCs and I am not sure what ports they communicate on. And yes it is a huge variety, enough that I dont want to manage port configurations. What is the best way to do this with the firewall filter rules?
If you leave you firewall filters blank it will allow everything through.
You can also make a filter rule that is blank and action set to allow.
You can also create a filter rule that the action is set to allow, and when setting it up mark TCP or UDP (whichever you want or create 2 rule to do both) then in DST Port do a range like so depending on your needs 0-40000.
If you are doing this in NAT so you want to Port Forward all ports to one device you create a rule using the chain dst-nat mark the incoming interface as you WAN interface leave everything else blank and on action select dst-nat, to address to whatever the Ip of the device your port forwarding to
I’m not sure if this is what you wanted, but are you talking about DMZ?
http://forum.mikrotik.com/t/how-to-forward-dmz/35097/1
There is conflicting terminology here.
Are you looking to forward ports (to allow connections to internal network device), or open ports (to allow connections to your router)?
First guy who responded understood what I wanted to do, it worked. Thanks guys!
in ip firewall nat> add this two rules
0 chain=dstnat action=dst-nat to-addresses=192.168.88.100(unit or pc ip that u want to forward all ports) protocol=tcp in-interface=WAN
1 chain=srcnat action=masquerade
this should open-redirect all ports
After adding these rules it’s probable that u cannot open Mikrotik unit Web because port 80 is also redirected