SSH port forwarding on a Bridge in conection PPPoE

RouterOS Beginner Basics
1

Dear,

I am a beginner in the mikrotik configuration, result: Port forwarding to SSH server does not work in public internet! I'm doing something wrong because I've tried all instructions in the wiki for port forwarding, NAT and none works. Can you help with this problem? Asap please... :slight_smile:


Current setup:

Router IP: 192.168.5.254
Local network (ether2): 192.168.5.0/24
Public IP/port: 100.XXX.XXX.XXX:1992
SSH Server/port: 192.168.5.250:1992

\export compact

dec/20/2018 16:26:36 by RouterOS 6.41.3

software id = XXXX-XXXX

model = RouterBOARD 750G r3

serial number = XXXXXXXXXXXX

/interface bridge
add fast-forward=no name=Bridge1
/interface ethernet
set [ find default-name=ether1 ] name="eth1 - WAN"
set [ find default-name=ether2 ] name="eth2 - LAN"
set [ find default-name=ether3 ] name="eth3 - CFTV"
/interface pppoe-client
add add-default-route=yes dial-on-demand=yes disabled=no interface="eth1 - WAN" max-mru=1480
max-mtu=1480 mrru=1500 name=pppoe-out1 password=XXXXXXXXXXXX user=XXXXXXXXXXXX
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp_pool0 ranges=192.168.5.12-192.168.5.243
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=Bridge1 name=dhcp1
/queue simple
add disabled=yes max-limit=1088k/1088k name=Teste target=192.168.5.18/32
add disabled=yes name="RMA 01" target=192.168.5.57/32
add comment=LIMITADO max-limit=1M/1M name="DEBUG 02" target=192.168.5.114/32
add max-limit=1M/1M name="DEBUG 01" target=192.168.5.33/32
add max-limit=1M/1M name="RMA 02" target=192.168.5.31/32
add max-limit=1M/1M name="RMA 03" target=192.168.5.94/32
add max-limit=1M/1M name="RMA 04" target=192.168.5.34/32
add max-limit=1M/1M name="RMA 05" target=192.168.5.74/32
add max-limit=1M/1M name="RMA 06" target=192.168.5.17/32
add max-limit=1M/1M name="QUALIT. 01" target=192.168.5.55/32
add max-limit=1M/1M name="ESTOQUE 01" target=192.168.5.51/32
add max-limit=1M/1M name="ESTOQUE 02" target=192.168.5.39/32
add max-limit=1M/1M name="MANUT. 01" target=192.168.5.62/32
/interface bridge port
add bridge=Bridge1 interface="eth3 - CFTV"
add bridge=Bridge1 interface=ether4
add bridge=Bridge1 interface=ether5
add bridge=Bridge1 interface="eth2 - LAN"
/interface bridge settings
set use-ip-firewall=yes
/ip address
add address=192.168.5.254/24 interface=Bridge1 network=192.168.5.0
/ip arp
add address=192.168.5.14 interface=Bridge1 mac-address=58:10:8C:84:E2:83
add address=192.168.5.250 interface=Bridge1 mac-address=00:15:5D:6D:07:0A
add address=192.168.5.153 interface=Bridge1 mac-address=28:C2:DD:3D:51:50
/ip dhcp-server network
add address=192.168.5.0/24 gateway=192.168.5.254
/ip dns
set allow-remote-requests=yes servers=1.1.1.1,1.0.0.1
/ip firewall filter
add action=accept chain=input dst-address=100.XXX.XXX.XXX dst-port=1992 protocol=tcp
add action=accept chain=input dst-address=100.XXX.XXX.XXX dst-port=1992 protocol=udp
add action=drop chain=input dst-port=23 protocol=tcp
add action=drop chain=input dst-port=22 protocol=tcp
add action=drop chain=input dst-port=80 protocol=tcp
add action=drop chain=input dst-port=21 protocol=tcp
/ip firewall nat/ip firewall nat
add action=dst-nat chain=dstnat dst-address=100.XXX.XXX.XXX dst-port=1992 log=yes log-prefix=
SSH_TCP_ protocol=tcp to-addresses=192.168.5.250 to-ports=1992
add action=masquerade chain=srcnat out-interface=pppoe-out1
/system clock
set time-zone-autodetect=no time-zone-name=America/Bahia