Hello. I have a problem on a device:
I configured a nat-nat dst port 3389 for remote desktop.
When I connect to the server from an external connection, I have no problems and I reach it.
My problem is the reverse, namely:
if I want to access remote desktop devices from inside my network, it does not let me out. As soon as I disable the rule in the MikroTik firewall, I can do remote desktop outside of my network, but I can no longer get into my server from outside. Could you help?
General hint: If you want to get help, provide as much info as possible. If you created a rule and it’s not doing what you expected, you have to tell us the exact rule. We are not mind readers, but I will try anyway.
In this case, your rule is most likely too broad and catches all connections to port 3389, no matter what their destination is. In other words, you probably have:
```
/ip firewall nat
add chain=dstnat protocol=tcp dst-port=3389 \
    to-addresses=<server IP> action=dst-nat
```
But you need one of the following (there are slight differences/limitations/side effects, but all three rules do basically the same thing):
```
/ip firewall nat
add chain=dstnat protocol=tcp dst-port=3389 dst-address=<WAN IP> \
    to-addresses=<server IP> action=dst-nat
```

```
/ip firewall nat
add chain=dstnat protocol=tcp dst-port=3389 in-interface=<WAN interface> \
    to-addresses=<server address> action=dst-nat
```

```
/ip firewall nat
add chain=dstnat protocol=tcp dst-port=3389 dst-address-type=local \
    to-addresses=<server address> action=dst-nat
```
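
The matcher logic the answer describes, as an added example that is not part of the original posts: a simplified Python model (not RouterOS code) of which connections each rule variant would redirect to the server. All addresses and interface names are constructed placeholders, and the model assumes `dst-address-type=local` matches any address assigned to the router itself.

```python
# Simplified model of dstnat rule matching (added example, not RouterOS code).
# Addresses and interface names below are constructed placeholders.
ROUTER_ADDRS = {"203.0.113.10", "192.168.88.1"}  # router's WAN IP and LAN IP
WAN_IP, WAN_IF, LAN_IF = "203.0.113.10", "ether1", "bridge"

# The broad rule from the answer, then the three scoped alternatives.
RULES = {
    "broad": {"dst_port": 3389},
    "dst-address": {"dst_port": 3389, "dst_address": WAN_IP},
    "in-interface": {"dst_port": 3389, "in_interface": WAN_IF},
    "dst-address-type": {"dst_port": 3389, "dst_address_type": "local"},
}

# Constructed sample connections, all to TCP port 3389.
PACKETS = {
    "internet -> WAN IP":
        {"in_interface": WAN_IF, "dst_address": WAN_IP, "dst_port": 3389},
    "LAN -> remote RDP host":
        {"in_interface": LAN_IF, "dst_address": "198.51.100.20", "dst_port": 3389},
    "LAN -> WAN IP":
        {"in_interface": LAN_IF, "dst_address": WAN_IP, "dst_port": 3389},
    "LAN -> router LAN IP":
        {"in_interface": LAN_IF, "dst_address": "192.168.88.1", "dst_port": 3389},
}

def matches(rule, pkt):
    """A rule matches only if every matcher it sets agrees with the packet."""
    for key, want in rule.items():
        if key == "dst_address_type":
            is_local = pkt["dst_address"] in ROUTER_ADDRS
            if (want == "local") != is_local:
                return False
        elif pkt[key] != want:
            return False
    return True

def redirected(rule_name):
    """Names of the sample connections this rule would dst-nat to the server."""
    return [n for n, p in PACKETS.items() if matches(RULES[rule_name], p)]

if __name__ == "__main__":
    for name in RULES:
        print(f"{name:17} {redirected(name)}")
```

Only the broad rule catches the outbound "LAN -> remote RDP host" connection, which is the symptom in the question; the other three differ only in how they treat LAN-side connections addressed to the router itself.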