Open ports & enable UPnP

fdavidcn · March 28, 2011, 2:34pm

Good evening, I would explain to me how I do to open the correct ports to a PC or
failing that, properly activate UPnP. Right now I have these IP addresses:

((AP)) - RB433:
ADSL Gateway 1: 192.168.1.1 (UPnP Off)
ADSL 2 Gateway: 192.168.2.1 (UPnP Enabled)

eth0: 192.168.1.15
eth1: 192.168.2.6

wlan1: 192.168.4.1
wlan2: 192.168.5.1

BRIDGE-WDS (eth1 + wlan3): 192.168.3.1

((CLIENT)) - RB411U:
BRIDGE-WDS (eth1 + wlan1): 192.168.3.2
Computers on the network: 192.168.3.3 - 192.168.3.254

In AP, I have turned on NAT:
CHAIN src-nat ACTION masquerade.

I wonder as I have to configure the NAT and UPnP, for a client 192.168.3.0/24 take
ports open ports or enable UPnP.

Thanks.

fdavidcn · March 29, 2011, 10:35pm

someone can help me please???

fewi · March 29, 2011, 10:40pm

http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT#Port_mapping

That explains how to forward a port. I would recommend adding ‘in-interface=WAN’.

fdavidcn · March 30, 2011, 12:46am

Thanks for your answer fewi. I was read this, and don’t work at my lan. Please, see my simple graphic of my lan:

Thanks.

fewi · March 30, 2011, 12:48am

But what traffic are you trying to get from where to where? What are you trying to port forward?

fdavidcn · March 30, 2011, 12:53am

I want to forward PS3 ports (3074,5223, …) for address 192.168.3.3 from 192.168.2.1 (ADSL 2).

The address 192.168.2.6 (eth2) have DMZ activated.

Thanks.

fewi · March 30, 2011, 12:59am

Port forward on the ADSL router and insert a route on it pointing 192.168.3.0/24 via 192.168.2.6.
You may need to make some mangle rules that mark inbound connections and on the reverse path apply routing marks to force traffic back out that gateway if your default route on the RB433 isn’t via 192.168.2.6.

fdavidcn · March 30, 2011, 8:16am

Hi Fewi. Thanks for the answers. Here you have my firewall / route configuration on RB433:

Thanks fewi

plisken · June 6, 2014, 11:45am

Where are the images, ik have the same issue.

ferkop1 · June 19, 2014, 10:19pm

Better solution is setup the adsl router to bridge mode, setup ppoe client on mikrotik and forwarding in fireval via dst-nat to speciefied ip address

rextended · June 19, 2014, 10:39pm

Simply set the public IP address on Routerboard and enable UPnP (and/or enable UPnP also on ISP router), you do not need to pen single port, is all automatic with console.

The console must be plug directly on routerboard without using another wireless router between…