Hi,
I’m relatively new to mikrotiks and would really appreciate some guidance here.
So the scenario is:
I have an SNMP enabled device on a local LAN that is sending UDP SNMP Inform messages to a Network Management system in AWS with a public IP address. On receipt of the SNMP Inform message (trap) the NMS sends an acknowledgement to the originating device. On receipt of the acknowledgement the originating device ceases sending any further repeat "traps".
Communications between NMS and SNMP enabled device are udp and destination port 162.
The problem is that the acknowledgement messages from the NMS are being forwarded to the SNMP device on the LAN using the mikrotik NAT assigned source port in the outbound message to the NMS.
The inbound messages (acknowledgement) from the NMS are arriving at the WAN interface of the mikrotik with a source port of 162 and a destination port of the NAT assigned port for the SNMP device on the LAN (i.e. the messages from the NMS are correct).
These WAN port assignments are not being changed before being forwarded to the LAN. The IP address translation is correct but the packets forwarded on the LAN have a source port of 162 (correct) and a dest port assigned by the NAT outbound (wrong). The destination port should be translated back to port 162 before forwarding to the LAN.
I’m stuck
Any help would be very much appreciated.
Cheers
Pete
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN protocol=udp src-port=162 to-ports=162 comment="keep UDP source port 162 unchanged when masquerading out the WAN"
Put the rule before any other masquerade one
Thanks TheCat12
I tried the above and still no success.
When I do a packet capture on the LAN ether port the outbound packets from the SNMP device are showing their source port as having already been changed from port 162 to a random (I would say NAT assigned) port which changes with each packet.
It feels like I have a configuration somewhere that is causing this but I can't see it.
Again any assistance is really appreciated.
Thanks again
Pete
Hi!
The firewall NAT actions src-nat and masquerade do the reverse port translation correctly, so what you describe is probably not what is happening. (Or not all that is happening.)
To clear up the situation: create a packet capture on both the LAN and WAN side for these packets. (This can be done using your router’s in-built tools.) And post a full config export of your router. (/export file=asdf - you may want to redact some things you consider private)
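As an added illustration of the two points above (this is example code written for this thread, not anything from the posters or from RouterOS): a small model of stateful masquerade shows that the reply's destination port is mapped back to whatever port the LAN device actually used, with no extra rule needed, and a helper compares a LAN-side capture with a WAN-side capture to tell whether a varying source port was introduced by the device or by the router. All addresses, ports and captured packets are constructed sample values; `Masquerade`, `reply_round_trip` and `locate_port_rewrite` are hypothetical names.

```python
"""Model of stateful source NAT (masquerade) plus a LAN/WAN capture comparison.
Added example; all values below are constructed, not taken from the thread."""
from dataclasses import dataclass
import random


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class Masquerade:
    """Minimal connection tracking: one public port per outbound flow, reverse-mapped on reply."""

    def __init__(self, wan_ip, preserve_ports=None, seed=0):
        self.wan_ip = wan_ip
        # Ports to keep unchanged when free, like src-port=162 to-ports=162 in the rule above.
        self.preserve_ports = set(preserve_ports or ())
        self.rng = random.Random(seed)
        self.out_map = {}  # (src_ip, src_port, dst_ip, dst_port) -> public port
        self.in_map = {}   # (public port, peer_ip, peer_port) -> (lan_ip, lan_port)

    def outbound(self, pkt):
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if key not in self.out_map:
            wanted = (pkt.src_port, pkt.dst_ip, pkt.dst_port)
            if pkt.src_port in self.preserve_ports and wanted not in self.in_map:
                pub = pkt.src_port
            else:
                pub = self._free_port(pkt.dst_ip, pkt.dst_port)
            self.out_map[key] = pub
            self.in_map[(pub, pkt.dst_ip, pkt.dst_port)] = (pkt.src_ip, pkt.src_port)
        return Packet(self.wan_ip, self.out_map[key], pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt):
        """Reply from the peer: its dst port is the public port; map it back to the LAN host."""
        key = (pkt.dst_port, pkt.src_ip, pkt.src_port)
        if key not in self.in_map:
            return None  # no tracked connection: the firewall would drop it
        lan_ip, lan_port = self.in_map[key]
        return Packet(pkt.src_ip, pkt.src_port, lan_ip, lan_port)

    def _free_port(self, dst_ip, dst_port):
        while True:
            p = self.rng.randint(1024, 65535)
            if (p, dst_ip, dst_port) not in self.in_map:
                return p


def reply_round_trip(device_port, preserve=False):
    """One Inform from the LAN device; returns (WAN-side source port, LAN-side reply packet)."""
    nat = Masquerade("198.51.100.7", preserve_ports=[162] if preserve else None)
    inform = Packet("192.168.88.10", device_port, "203.0.113.5", 162)
    on_wan = nat.outbound(inform)
    # The NMS answers the source port it saw; the router maps it back to the device's port.
    ack = Packet("203.0.113.5", 162, "198.51.100.7", on_wan.src_port)
    return on_wan.src_port, nat.inbound(ack)


def locate_port_rewrite(lan_capture, wan_capture, expected=162):
    """Where does the outbound source port stop being `expected`?
    'device': already varies on the LAN side (the case found in this thread);
    'router': constant on the LAN side, rewritten on the WAN side (normal masquerade);
    'none': preserved end to end."""
    if {p.src_port for p in lan_capture} != {expected}:
        return "device"
    if {p.src_port for p in wan_capture} == {expected}:
        return "none"
    return "router"


# Constructed captures: the device itself picks a new source port per message.
LAN_CAPTURE = [Packet("192.168.88.10", p, "203.0.113.5", 162) for p in (40123, 51877, 60002)]
WAN_CAPTURE = [Packet("198.51.100.7", p, "203.0.113.5", 162) for p in (40123, 51877, 60002)]

if __name__ == "__main__":
    print(reply_round_trip(162))            # reply reaches 192.168.88.10:162
    print(reply_round_trip(162, True))      # public port stays 162 as well
    print(reply_round_trip(40123))          # reply goes to the port the device used
    print(locate_port_rewrite(LAN_CAPTURE, WAN_CAPTURE))  # 'device'
```

The round trips show that even without the to-ports rule the acknowledgement is delivered to the port the device sent from, so a LAN-side capture with varying ports points at the device rather than the NAT; on RouterOS the LAN and WAN captures themselves can be taken with the built-in /tool sniffer.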
Hi all,
Thanks so much for your help.
Lurker888 you were right. My packet captures had been WAN side only and I confused myself by assuming the constantly changing source port on outbound messages was the router NAT's work, but looking on the LAN side the source equipment changes the source port every message. So the problem is the SNMP source equipment.
Please accept my apologies and thanks again
No need to apologize; everyone's just here to help. (Okay, sometimes people just come for some fun flame wars.)
Glad it’s resolved.