Hello!
I’m having problems with accesing my remote MT with winbox. I can connect to 433ah, but everything behinde is unconnectable with winbox.
I can access them with telnet from 433ah, i can ping and traceroute from all MT’s to all destinations but i can’t ping or traceroute networks that are behinde 433ah!
Firewall is empty on 433ah!
Users behinde 411 can go on the internet normaly.
internet ----- r1 ---- 433ah --------411—
I
I
myPC*
*is connected to r1
Most likely NAT is configured on RB433 and there is no separate routable IP subnet for RB411 and client.
You may use NAT on RB433 (DST-NAT) and forward requests from public network to local by NAT (for example Winbox port, or any other port, which could be used for management).
the issue here is you can’t access 2 devices through one IP on the same port, so you need to do something like this for your 411
/ ip firewall nat
add chain=dstnat action=dst-nat to-addresses=“411 internal ip address” to-ports=8291 in-interface=wan dst-port=8292 protocol=tcp comment=“forward Winbox to Station” disabled=no
then when you use winbox connect use
x.x.x.x:8292
Rich
Thank you for your replyes, i tried all of the above with no effect, i'll post smoe more details:
MT1 is connected to R1(this is our gateway for internet)with ether1. -192.168.7.2
MT1 is connected to MT2 with wireless1. - 10.10.10.1
MT1 NAT table:
0 chain=srcnat action=masquerade out-interface=ether1
1 ;;; forward Winbox to Station
chain=dstnat action=dst-nat to-addresses=10.10.10.2 to-ports=8291 protocol=tcp
in-interface=ether1 dst-port=8292
0 A S 0.0.0.0/0 192.168.7.1 1
1 ADC 10.10.10.0/27 10.10.10.1 wlan1 0
2 A S 10.10.10.0/32 ether1 1
3 ADC 192.168.7.0/30 192.168.7.2 ether1 0
hit me up on skype and i will help you out