barred
August 30, 2011, 10:33am
1
Hello,
Sorry but i don’t understand why my forward port dosn’t work…
I habe my RB450G with ip adresse 172.16.0.1.
I want only from outside(internet) to have acces to my website on my Synology.
so i have this port open:
/ip firewall nat add chain=dstnat dst-port=80 action=dst-nat protocol=tcp to-address=172.16.0.3 to-port=80
source: http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT
but when this rule it’s activated, my internet connection dosn’t work and i don’t have connection to my synogy too…
how I can do ?
PS: Sorry for my bad english
mrz
August 30, 2011, 10:39am
2
“internet traffic” is not working because you are redirecting all port 80 traffic to 172.16.0.3, even from 172.16.0.3 itself.
You have to add in-interface to your rule and probably dst-address.
barred
August 31, 2011, 10:38pm
3
thx for your answer
but I don’t understand.
I need to create a new interface with a destination to my webserver ?
fewi
August 31, 2011, 10:51pm
4
That rule forwards all tcp/80 traffic to that server. Including someone on the LAN going to google.com . Fix that by adding ‘in-interface=INTERFACE_NAME’ to the NAT rule. Replace “INTERFACE_NAME” with the name of your WAN interface, obviously.
If you want LAN clients to be able to go to the public IP address of the server read http://wiki.mikrotik.com/wiki/Hairpin_NAT
