Good Day,
My Mikrotik HeX is setup with the latest RouterOS version 6.44. It gets its internet/public IP from a modem connected on the WAN port in (i believe) Bridge Mode. This external modem has an ssh service running on the public IP on default port 22. I need to NAT another port to access SSH of the Mikrotik Remotely.
- If I connect my Laptop via ethernet to the Mikrotik I am able to SSH into the mikrotik on is local lan ip 10.0.0.1.
- If I try and connect via it public IP “ssh -p7000 admin@” then it shows:
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug2: resolve_canonicalize: hostname xx.xx.xxx.xxx is address
debug2: ssh_connect_direct
debug1: Connecting to xx.xx.xxx.xxx [xx.xx.xxx.xxx] port 7000.
debug1: Connection established.
debug1: Local version string SSH-2.0-OpenSSH_7.9
ssh_exchange_identification: read: Connection reset by peer
I do not think it is a Firewall/NAT issue as it is getting “Connection established” but then failing.
For reference the firewall config is as follows (and is move up to the top of the list):
/ip firewall nat add chain=dstnat action=dst-nat in-interface=ether1-wan protocol=tcp dst-port=7000 to-addresses=10.0.0.1 to-ports=22
/ip firewall filter add chain=input in-interface=ether1-wan protocol=tcp dst-address=10.0.0.1 dst-port=7000 comment=mikrotikssh
I appreciate any feedback?
Thanks,