I need to open RDP (3389) i know its unsafe but its just for testing. When i go to nat in winbox and add the following rule
/ip firewall nat add action=dst-nat chain=dstnat disabled=no dst-port=3389 in-interface=ether1 protocol=tcp to-addresses=192.168.88.250 to-ports=3389
then i test if the port is open using canyouseeme.org and i get connection refsued, port is closed. Any ideas? Thanks.
The normal state for port on mikrotik when configured is to appear closed but visibile.
When you have a source address list attached to the nat rule, the port is invisible to scans.
Did you actually get someone to access your RDP server via the internet as a test??