Good Morning,
I have a problem, when I unlock port 80 on my RB, I can access my website normally via other external connections, but I noticed that I cannot access some websites from the computer where the XAMPP server is hosted.
What am I doing wrong?
It seems (and it’s hard to verify as screenshot doesn’t show everything) that your DST-NAT rule isn’t very selective: it matches every packet with dst-port one of configured, regardless where the packet came from. You probably want to perform NAT only on connections from internet, so you should properly configure either in-interface or (better if your firewall still follows default concept of using interface lists) in-interface-list.
A couple of related notes:
Have a read… https://forum.mikrotik.com/viewtopic.php?t=179343
Properly formatted dst nat rules are key
Forward chain firewall rule required ( usually covered by default rules )
If server is being reached by LAN users on the SAME subnet, and they are attempting to use WANIP vice lanip to reach the server, then you have to consider NAT loopback or hairpin nat.
I read the link you sent me, but I don’t know where to start, I confess that I’m very newbie.
I currently have 2 problems.
1 - When I open port 80 to access my web server, I cannot access some sites from the machine running XAMPP (IP 172.16.90.2)
2 - I can’t access my web server from within itself through the ip 172.16.90.2. Only people outside the network for example using 4G or proxy…
No worries lets start with the basics… describe network and requirements…
I came to share with you how I solved it.
I put it in IN interface, where the internet link comes from, and it was solved.
Dont have the config,
Dont know the network
Dont know the requirements,
Sorry nothing learned here but glad you fixed your problem.
the nowadays very common practice of doing nat without specifying interface
thank you for sharing the solution