I have a Mikrotik LHG LTE device.
Its local IP address is 192.168.88.1
Behind it is a Tp-link router with an IP address of 192.168.0.1
(This device receives a 192.168.88.200 WAN IP address from Mikrotik.)
Behind this TP-link router is a set top box with a local IP address of 192.168.0.18
I would like to open FTP port 21 of this set top box to the internet on external port 21212.
How do I configure NAT and HAIRPIN NAT?
I don’t see the router’s admin interface from the internet either, even though DDNS is turned on in the CLOUD menu. The LHG device responds to Ping.
Well you start at the TP LINK
Port forward port 21 to the lanip of the FTP server.
At the next stop, the MT, you will be forwarding port 21 to the WANIP of the TPLINK (its LANIP on the MT subnet).
Since its coming into the MT as a different port you will need port translation in your Dst Nat rule.
Why do you need hairpin nat? Just have internal users use the LANIP of the server if behind the TPlink router.
Sorry if you dont understand that the TP LINK needs port forwarding rules set on its own configuration to get the feed from the primary router on its WAN port, to transfer it to the TP link LAN, and then to the server on the TPLINK LAN, then you are beyond help.
Is there something not understood about your network??
Thanks.
So then:
In the TP-link router, port forward to the FTP server on port 21?
In Mikrotik, should the incoming port 21212 be forwarded to the address of the TP-link router (192.168.88.200) as port 21?
{PUBLIC IP}: 21212 (Mikrotik)—192.168.88.200:21 (TP-link)—192.168.0.18 (FTP server): 21?
Yes, the microtik can do the port translation to port 21 so the dst-port is 21212 and the to-ports is 21 on the destination nat firewall rule on the MT