RouterOS version: 3.17
Router: Mikrotik RB600
I have an RB600 connected to our comcast connection (static IP). We have masquerading working (clients behind the router can access the internet)
However I have been unable to setup a port forward to an internal server. Here is the ip firewall nat config
/ip firewall nat
add action=masquerade chain=srcnat comment="" disabled=no out-interface=\
comcast src-address=192.168.6.0/24
add action=dst-nat chain=dstnat comment="" disabled=no dst-address=\
1.2.3.4 dst-port=21 in-interface=comcast protocol=tcp \
to-addresses=192.168.6.10 to-ports=21
Here is the ip firewall filter config
/ip firewall filter
add action=drop chain=input comment="Drop invalid connections" \
connection-state=invalid disabled=no
add action=accept chain=input comment="Allow esatblished connections" \
connection-state=established disabled=no
add action=accept chain=input comment="" connection-type=ftp disabled=no \
dst-address=1.2.3.4 protocol=tcp
add action=accept chain=input comment="Allow related connections" \
connection-state=related disabled=no
add action=accept chain=input comment="Allow UDP" disabled=no protocol=udp
add action=accept chain=input comment="Allow ICMP" disabled=no protocol=icmp
add action=accept chain=input comment=\
"Allow connection to router from local network" disabled=no \
in-interface=!comcast
add action=drop chain=input comment="Drop everything else" disabled=no
TCP port forwards don’t seem to be working. Any suggestions on what I might be doing wrong?
Thanks,
Pramod