I have a MikroTik CRS310 SFP+ router which is currently configured as a switch. Currently I have 2 servers directly connected. Any device/service connected to the switch can be accessed locally on the network but when a port is opened on the router, the services are never available externally. I have tested with a different server that is connected directly to the router and am able to access the service externally.
Is there a configuration that I am missing in the MikroTik RouterOS settings? I have attached my configuration to this thread. mikrotik-config.rsc (1.87 KB)
It would appear to me you dont have a sweet clue of what is going on!
a. First, the product is a switch, not a router, although it can be used as a router if required…
b. Second, it actually is configured as a router, NOT as a switch, seeing as you have IP DHCP client enabled.
Using a term, that is already part of the RoS vernacular for the bridge name is confusing and not a good move. ( LAN is a terrible name for a bridge )
Why do you bother with the CRS310, when there are no vlans?? You have only one flat subnet.
Assuming you have a link to an upstream router or device on ether1? and you are getting a private IP on that link?
You have no IP address associated with the Bridge ???
You have wireguard setup but is seems to be mixed up on whether its a Peer (server for handshake) or Peer (client for handshake).
In other words, a hot mess.
( endpoint address should be public IP etc or Domain name etc… )
( no endpoint info required if a Server, persistent-keep-alive required if a Client )
( two entries of 0.0.0.0/0 for allowed IPs is just silly )
When you have a straight story, I may have a look.
Right now I would expect to see several vlans coming to the switch for different purpose, through a trunk port from an upstream router or switch.
If its one flat network, get yourself an unmanaged switch.
I reset the configuration in RouterOS (to eliminate any unnecessary or incorrect settings) while also trying different setups, but was unable to get those devices externally available. I also tried to configure the board to boot into SwOS mode, but it didn’t seem like that worked as the fans were at max speed and none of the status lights displayed any activity. I also was not able to get into the board configuration after booting into this mode.
I know you’re probably wondering why I have this board and why I didn’t get an un-managed switch. I received this board from someone else second-hand and have a super simple home-lab setup at home. I understand this board is completely overkill for my needs, but it has 10G connections on it which is crucial for my video editing setup as well as content distribution.
Understood, will try to help you set it up.
What I need to know is what is it connected to routerwise.
An ISP router, your own router?
Does the the upstream router have a static or dynamic IP
Does the the upstream router have a public IP address,
Can you access the upstream router and if not, can you at least forward a port on it.
I have a custom, non-ISP router that I can access via a web portal. The router is running OpenWRT.
The router has a static IP as 192.168.x.1
The router also has a public IP (it’s not static, but I check it frequently to monitor if it changes).
The router can and has open ports already (wireguard, minecraft, etc.) and those work just fine for the Mac Mini with Ubuntu on it that they are pointing to.
My goal here is to use Nginx Proxy Manager on the server itself to allow subdomains for the specific services I need. NPM and along with the web services are almost 100% setup, the last step is actually being able to connect to them externally. Neither a service through NPM or service directly accessed from my domain + a port will work for a service that is on the machine connected to the MikroTik board.