I have a Mikrotik RB750Gr3 router with RouterOS 7.12.1. Ether 1 is connected to the internet on a static IP. Ether 2 plugs into the protected side of DCB box 1 running as a server. The DCB box basically is a hardware VPN. The unprotected side is connected to the internet. At a remote location I have DCB box 2 running as a client. In this location there are numerous other devices connected to the protected side. I can connect to the router with a VPN and then ping and connect to the devices at the remote location. What I would like to be able to do is to port forward from the router to one of the devices at the remote location.
My NAT entries are as follows:
0 ;;; defconf: masquerade
chain=srcnat action=masquerade out-interface-list=WAN log=no log-prefix=“”
1 ;;; test TCP
chain=dstnat action=dst-nat to-addresses=192.168.146.226 to-ports=50001 protocol=tcp in-interface-list=WAN dst-port=50001 log=yes log-prefix=“test TCP”
I don’t know if my problem is in the router or in the DCB box. The DCB box really is a simple thing and doesn’t do any routing. It is supposed to just look like a wire. I’ve done port forwarding this way before but without the DCB box in the middle.
I see bytes and packets show up on the NAT tab when I attempt to connect but the connection isn’t made and it eventually times out. This is what I see in the log:
test dstnat: in:ether1 out:(unknown 0), connection-state:new src-mac xx:xx:xx:xx:xx:xx, proto TCP (SYN), xxx.xxx.xxx:42720->xxx.xxx.xxx.xxx:50001, len 60
If I use the Packet Sniffer I see tx packets but no rx packets.
Any suggestions on where to start looking would be greatly appreciated.