Unable to access dst-natted server using one single URL

Hello all,

Recently I bought a Mikrotik switch, a separate router (hex) and some WLAN APs to enhance my SoHo network, and I succeeded in setting up the desired config (VLANs, CAPSMAN etc.) except for one issue:

My home network uses 192.168.10.0/24 addresses and before using Mikrotik I had the following working as desired:

  • An owncloud server on 192.168.10.21:443
  • A port mapping on the router (technicolor, provided by ISP) that mapped incoming traffic from internet on port 8443 to 192.168.10.21:443
  • DDNS for the public IP of the router (xxx.hopto.org)

I was able to access the owncloud system using the URL https://xxx.hopto.org:8443. This worked outside home (so on the cellular 4G network, public hotspots etc.) as well as at home when connected to the WLAN (which supplied addresses in the 192.168.10.0/24 range using DHCP). So, with this URL it (the owncloud client app / caldav config in google calendar) worked everywhere, great!

Now the ISP router has been degraded to a bridge and I have the hex in place as a router (that gets the public IP on ether1 by DHCP). On this router I have the following firewall NAT rules to try to achieve the same result:

add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN

add action=dst-nat chain=dstnat comment="Access to Owncloud server via HTTPS" dst-port=9443 protocol=tcp to-addresses=192.168.10.21 to-ports=443

When connected outside home, this setup works as expected. However, when I’m connected to my WLAN (192.168.10.0/24 range using DHCP), my mobile phone / laptop doesn’t connect to the owncloud server using the URL https://xxx.hopto.org:8443. (The DHCP range is 192.168.10.32-192.168.10.64 so that there are no conflicts with systems with static IP < 192.168.10.32.)
I do see, however, that when I enter the URL in the browser of my mobile phone (connected to WLAN), the counters on the dst-nat rule start to increment, but I don’t see any traffic from router to owncloud server.
Question: how do I configure things such that the URL also works when on my WLAN?

Thanks and best regards,

Bernard

This is what you’re looking for:

http://wiki.mikrotik.com/wiki/Hairpin_NAT

Thanks, this did the job! Problem solved
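
The hairpin NAT rule that the linked wiki page describes, adapted to the addresses in this thread (an added example, not part of the original posts; the comment text is made up here, and the rule assumes the dst-nat rule from the first post stays in place):

```routeros
/ip firewall nat
# Hairpin NAT for LAN clients that reach the server through the public name.
# Without this rule the dst-nat rule rewrites the destination to 192.168.10.21,
# but the source stays a 192.168.10.x client address. The server then answers
# the client directly on the LAN, the reply never passes back through the
# router to be un-NATed, and the client drops it because it comes from
# 192.168.10.21 instead of the public IP it connected to.
# srcnat runs after dstnat, so match the translated address and port (443).
add action=masquerade chain=srcnat comment="hairpin: LAN to Owncloud via public name" \
    src-address=192.168.10.0/24 dst-address=192.168.10.21 \
    protocol=tcp dst-port=443
```

With this rule the server sees the router's LAN address as the source of every hairpinned connection, so its access logs and any per-IP rate limiting no longer distinguish individual LAN clients.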