Hi all,
I deploy MikroTik routers in SOHO environments, and a problem I come across frequently, for which I have been meaning to find a solution for some time, is where a customer has a smartphone app to access an internal service (server PC) on their network. The scenario is usually this:
1 x fixed public WAN IP (usually on PPPoE interface) for internet access to ISP
1 x DHCP /24 private LAN with any internal server PCs made static IPs on LAN
1 x srcnat from LAN to WAN (usually masquerade all out of WAN)
1 x NAT dst-nat rule to forward Dst.Port to the server PC, e.g. for Unifi smartphone app to reach Unifi server on LAN:
chain=dstnat action=dst-nat to-addresses=192.168.90.198 to-ports=8443
protocol=tcp dst-port=8443 log=no log-prefix=""
Now when the phone app access settings are completed with the WAN public IP, the access to the service works from any external location (on a 3G/4G mobile network, for example - remote access works), but when the smartphone is on the LAN (using wifi in the same office) there is no access.
As a work-around I can change the phone app settings to the LAN address of the server when using wifi at the server location, but this is not a convenient answer.
What do I need to do to allow the WAN IP address settings to communicate with the server when the user's mobile device is connected on the LAN?
Many thanks
Steve