I bought a new 951G-2HnD today and can’t set it up right.
I have a local web server; it should receive all incoming port=80 and port=12345 (ssh) connections. I have torrents on my laptop. I want to be able to ssh-connect from the laptop to the server through the local network.
Here is what I have so far:
// rule for local clients to internet:
add action=masquerade chain=srcnat comment="default configuration" out-interface=ether1-gateway
// rules for tcp and udp from internet with ports=80,12345 (5.120.90.10 is my static ip address, 192.168.88.2 is server’s local ip):
add action=dst-nat chain=dstnat dst-address=5.120.90.10 dst-port=80,12345 protocol=tcp to-addresses=192.168.88.2
add action=dst-nat chain=dstnat dst-address=5.120.90.10 dst-port=80,12345 protocol=udp to-addresses=192.168.88.2
// rule for server response to local clients:
add action=masquerade chain=srcnat src-address=192.168.88.0/24 protocol=tcp dst-port=80,12345
// the last non-working rule for forwarding any other port (torrents) to laptop (its local ip is 192.168.88.10):
add action=dst-nat chain=dstnat disabled=yes dst-port=!80,12345 protocol=tcp to-addresses=192.168.88.10
If I enable the last rule, the torrent client works and the internet disappears. How do I write it right?
Also, I can’t ssh-connect to my local server. I can connect to it through another, remote machine, but a direct connection through the LAN (like ssh user@192.168.88.2 -p 12345) does not work.
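
An added example, not part of the original post: the disabled catch-all rule above has no dst-address or in-interface matcher, so it also matches TCP connections that LAN clients open to internet hosts and rewrites their destination to 192.168.88.10. The variant below scopes the rule to traffic that arrives on the WAN port addressed to the public IP, reusing the addresses and interface name from the post; the comment text on the new rule is made up for illustration.

```routeros
/ip firewall nat
# As posted (kept disabled): nothing limits this rule to inbound WAN traffic,
# so outbound TCP from the LAN to any port other than 80/12345 (for example
# HTTPS on 443) is also redirected to the laptop.
add action=dst-nat chain=dstnat disabled=yes dst-port=!80,12345 protocol=tcp to-addresses=192.168.88.10

# Scoped variant: only packets that arrive on the WAN interface and are
# addressed to the router's public IP are forwarded to the laptop.
add action=dst-nat chain=dstnat in-interface=ether1-gateway dst-address=5.120.90.10 protocol=tcp dst-port=!80,12345 to-addresses=192.168.88.10 comment="other TCP ports to laptop"
```

Forwarding every remaining TCP port exposes every service listening on the laptop to the internet. Matching only the torrent client's configured listening port in dst-port keeps the exposure to that one service.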