Hello, I am sure this has been asked before…
My setup is Internet-----Mikrotik-------ipcop-------LAN
I want to forward a port from Mikrotik to ipcop.
I have checked the settings over and over again but no dice. Is this even possible?
I am thinking the dual NAT’s is causing a problem…
tks
Had this exact problem a while ago and I couldn’t manage. My setup was:
Internet-------IPCOP-------RB750-------LAN
IPCOP did NAT and forwarded ports to the RB and that’s where it died(the RB didn’t have those services listening(25, 85, 110) to accept and forward onto the LAN’s mailserver). It’s basically a daisy-chained port-forward- which is kinda ugly.
AFAIK, you need to have services listening on the IPCOP once you port-forward from the RB.
I just stopped there, since the RB(in my instance) doesn’t have many services- ftp, http, https and 2/3 other services.
Would be helpful if someone from MT can comment on this.
Thanks and havva cuppa…
Helmuth Kisting
Are you using routing?
And does your internet work
Thanks for your comments hking. When you say services on ipcop, I am assuming you mean to have them running directly from the ipcop linux kernel?? I am actually just trying to port forward 3389 for RDP into my desktop machine, you would think that my RB450 would just forward the traffic on and ipcop would pick it up as normal internet traffic, seems strange as it worked before and all that i have done is stick ipcop in behind my RB450, and giving it a different external (nat ip). I was not aware that tcp traffic when passed through a NAT is changed that much…
to answer the other question, I am not doing any fancy routing. I have all my ports setup in a bridge (default) and have two simple dst and src nat rules setup. Yes, my internet is working.
thanks
What ips are your Internet-----Mikrotik-------ipcop-------LAN
So you saying that mikrotik(in & out interface) is in the same bridge?
So if internet ip is 192.168.2.1 then mikrotik bridge is 192.168.2.2 and ipcop red is 192.168.2.3
If so then all you need to do is to let your isp or urself forward port 3389 to 192.168.2.250. Then create a alias in ipcop with ip 192.168.2.250 and use ipcop port forward to forward port 3389 from 192.168.2.250 to internalk ip address.
Why would you want to put mikrotik between ipcop and internet if ipcop can do the same as mikrotik.
Hey, thanks for the reply. Answers below:
What ips are your Internet-----Mikrotik-------ipcop-------LAN
IP addresses are: Internet 64.x.x.x, Mikrotik 192.168.88.1, ipcop red interface 192.168.88.x (dhcp assigned), ipcop green interface (lan) 10.x.x.x
So you saying that mikrotik(in & out interface) is in the same bridge?
Yes, i was wondering if this was a problem or not? I had asked a networking guy who works with it more than me and he had said it was fine that way…
So if internet ip is 192.168.2.1 then mikrotik bridge is 192.168.2.2 and ipcop red is 192.168.2.3
If so then all you need to do is to let your isp or urself forward port 3389 to 192.168.2.250. Then create a alias in ipcop with ip 192.168.2.250 and use ipcop port forward to forward port 3389 from 192.168.2.250 to internalk ip address.I
I had noticed the option for aliases and tried adding one as you suggested, however, it did not work and it also caused internet access to go offline for some reason to my 10.x.x.x internal network.
Hope that answers your questions.
tks
Ok try this.
Doing that should not bring down your system. Maybe you system went down due to ip conflict or the dhcp assigned thing.
Good Luck
Look at my settings
Ok, thanks. I will give that a shot and see if it works.
Will let you know.
Jeremy
Did it work?