Hello everybody,
I’ve got an MT RB, with public IPs. On ethernet port I use an another RB with privat IP.
All other AP’s privat IP use dst-nat and 80 port is forwarded corretcly, but RB 8291 port doesn’ work.
Can I forward the inner RB 8291 (winbox) port forward to my Public IPs-RB, eg.:
dst-nat IP: 195.15.195.195, protocoll TCP port 8292, action IP 172.16.20.110 port 8291
Or is it impossible???
Steve
Your question is very ambiguous. Are you saying that you want to forward all TCP traffic arriving at 195.15.195.195:8292 to 172.16.20.110:8291? it is quite possible.
/ip firewall nat
add action=dst-nat chain=dstnat comment="forward Winbox" disabled=no protocol=tcp dst-port=8292 dst-address=195.15.195.195 to-addresses=172.16.20.110 to-ports=8291
Hello skillfull,
thank you for your answer.
Thats correct way, but I could connect to inner RB anyway, but I try to portforward with the 80 port
/ip firewall nat
add action=dst-nat chain=dstnat comment=“forward Winbox” disabled=no protocol=tcp dst-port=17001 dst-address=195.15.195.195 to-addresses=172.16.20.110 to-ports=80
and it doesnt work too like the 8291 port
I dont know how does it work coorectly
Maybe you have a firewall rule blocking unsolicited traffic from entering your router. Add a firewall rule to accept incoming packets destined for 172.16.20.110
/ip firewall filter
add action=accept chain=forward comment="" disabled=no dst-address=172.16.20.110
Place this rule ahead of all drop rules.