Here is a screenshot from my old router that worked fine, as for the Mikrotek only plex works fine.
Hi,
What do you mean with "works"?
What does not work for other types?
For me the second uncontitional src masquarade is a problem, however without full config it's hard to judge.
I followed this tutorial to setup my internet , https://www.eigenrouter.nl/en/guides/mikrotik/kpn/Mikrotik-Internet-only
As for the HTTPS/HTTP/WireGuard/Plex it runs all inside unraid so i gave it a static IP again in mikrotik and trying to point it to the correct port.
Just post your config.
Export it with /export command, remove any confidential data and post using < / > code tag
Ok i tried to fix it up a bit with help from chatgpt/gemini as for the port forward it’s still not working there should be a HTTPS connection. i also changed the webport for router to 81 so i can still access it.
Any help is welcome.
That DST NAT for port 443 should work, but only if connection attempt comes via WAN interface (so you can't test it from within your LAN even if using WAN IP address). The same as for port 32400.
So again: how exactly "it doesn't work"?
Harpin NAT: NAT - RouterOS - MikroTik Documentation
i have 2 subdomains pointed to my Wan IP and a nginx proxy behind it (18443/1880) that points to the correct docker container.
In my old router that worked fine, i also noticed that plex is not working like it should i am missing a lot of qualitys when trying to play a movie/tv show. before i could select 1080P /720P now i got 240/420 and that’s it.
My last attempt ...
So, you're saying that if you try to connect your WAN IP using TCP port 443 from external client (e.g. smart phone using mobile data service) nothing happens? The firewall rule counter doesn't change, the connection simply hangs? And if you run snooper or sniffer, you can actally see incoming packet over WAN interface but it doesn't appear elsewhere in any shape?
One thing that it might bite you: many other vendors add some implicit configuration to their SOHO devices, ROS is very transparent ... if you don't see config, it's not there. One example is hair-pin NAT , @BartoszP pointed at it. Some vendors have it (implicitly) enabled. And I can guess there are other similar functions that you might unconciously rely on (so your own services expect particular firewall behaviour) but are not enabled on ROS.
Resolved made a dst-nat and a maquerade rule