PORT FORWARDING

2-PeK · December 6, 2004, 4:52pm

Hi there…

I have a Mikrotik running, with a AP, with which clients connect to…now my router connects pppoe through the internet, and is running DDNS to update a DNS name with its new IP address…

Now I have a client who wants to access his computer from the internet…Can anybody please help me!!? I know it is possible, but I dunno how to do it

Darren

mag · December 6, 2004, 6:57pm

see documentation: http://www.mikrotik.com/docs/ros/2.8/ip/nat.content
under redirect

example (192.168.255.10 is local webserver):

in-interface=pppoe dst-address=:80 protocol=tcp action=redirect to-dst-address=192.168.255.10 to-dst-port=80

regards
matthias

2-PeK · December 6, 2004, 7:17pm

Thanx a million dude…I am getting some where now

ssteele · December 7, 2004, 8:39pm

Can you pleaaaaaaaaaaaase help me out here .. you sem to know something about this.. i can’t seem to open port 25 for my mailserver on MK anytime i scan the ports it says closed no matter what i do any ideas???

thanks

Sheldon

_ASM · December 7, 2004, 8:59pm

If you stopped connection tracking then start it

ssteele · December 8, 2004, 1:30am

i don’t even know what that is let alone turn it off LOL…next suggestion…

do you know how to set it up for a mail server or not?

_ASM · December 8, 2004, 6:10pm

try with action=nat
if it doesn’t work again please post the results of these commands:

/ip address export
/ip firewall src-nat export
/ip firewall dst-nat export

ssteele · December 10, 2004, 6:45pm

here is the info you requested

/ ip firewall src-nat
add out-interface=Public action=masquerade comment="" disabled=no
add src-address=192.168.0.30/32 out-interface=Public action=nat comment="this rule allows ONLY THIS PUTER
ACCESS TO THE NET." disabled=yes
[admin@MikroTik] > /ip firewall dst-nat export

dec/10/2004 11:51:41 by RouterOS 2.8.19

software id = IMXI-FLT

/ ip firewall dst-nat
add dst-address=68.150.192.222/32:53 protocol=udp action=nat to-dst-address=192.168.0.11 comment=""
disabled=no
add dst-address=68.150.192.249/32:53 protocol=udp action=nat to-dst-address=192.168.0.2 comment=""
disabled=no
add dst-address=:25 protocol=tcp action=nat to-dst-address=192.168.0.30 comment="it's gotta be this one or
the other one CHANGED THIS TO PUBLIC SEE WHAT HAPPENS ...disabled this one to allow new last rule a
chance to work ????????" disabled=yes
add dst-address=68.150.192.222/32:23 protocol=tcp action=nat to-dst-address=192.168.0.30 comment="for ssh
access" disabled=no
add dst-address=68.150.192.222/32:22 protocol=tcp action=nat to-dst-address=192.168.0.30 to-dst-port=22
comment="" disabled=no
add src-address=192.168.0.30/32 action=accept comment="i don't know he says .30 should be able to get out wit
htis and a simialr one in forward rules ??????????" disabled=no
add dst-address=68.150.192.222/32:25 protocol=tcp action=nat to-dst-address=192.168.0.30 comment=""
disabled=no

/ ip address
add address=68.150.192.217/24 network=68.150.192.0 broadcast=68.150.192.255 interface=Public comment=""
disabled=no
add address=68.150.192.249/24 network=68.150.192.0 broadcast=68.150.192.255 interface=Public comment=""
disabled=no
add address=68.150.192.222/24 network=68.150.192.0 broadcast=68.150.192.255 interface=Public comment=""
disabled=no
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local comment="" disabled=no