I need some help with configuring port forwarding on a Mikrotik RB951G-2Hnd.
It seems that my Mikrotik router is behind a Carrier Grade NAT (CGN). The IP Address in the Mikrotik configuration is from 100.64.0.0/10, but when I check my public IP I can see something totally different, and my public IP address is changing dynamically.
I also enabled DDNS in the Miktortik configuration, but it is not working properly and I get this error message:
DDNS server received request from IP 94.248.149.102 but your local IP was 100.64.151.58; DDNS service might not work.
Can someone please help me with how I can configura a NAT rule or something, so that I can reach my Mikrotik router from outside of my LAN?
This is completely up to your ISP. Technically there is nothing you can do. When the traffic heads to “your public IP”, it’s the router that holds that IP address can decide what to do with that traffic. That router belongs to the ISP.
However I am almost certain your ISP would provide you with an Public IP, in exchange for cash
You can setup a MikroTik Cloud Hosted Router on Amazon AWS and use that as a VPN concentrator. Then you can connect your device (laptop, phone, etc) to the VPN and also connect your MikroTik at home to the VPN to get remote access without a public IP.
If you just want to be able to connect via ssh and manage your devices you can use a tor hidden service, if you want to host something on the internet then you have to ask you isp for upnp on your interface or static port nat mapping or 1:1.
