I have a problem with connecting with winbox on routerboard 4xx and 1xx with routerboard OS 3.5 and higher. Same problem i have with connecting on routerboard 532 and 600, when is installed ROS 3.2, 3.3, 3.5 and 3.7 or higher when is routerboard situated in private network and remote control is provided with destination nat on winbox port.
For example: 1.1.1.1:62003 is dstnat on 192.168.2.3 on port 60003. This is private address of routerboard 433 with routerOS 3.9. Winbox port is set to 60003 for my better orientation in ip address and port
If I have install ROS 3.4 (but I must install this from older version, and this is possible only at some routerboard, which is distributed with older version, if I install 3.4 from newer version using downgrade, problem is same and winbox isnt able to connect), then is able to login using winbox tool. But if I upgrade to any higher version of ROS, is unable to login using winbox tool and I have to use telnet.
And routerboard 433 is distributed with RouterOS 3.6 …
I am sure, that my NAT rule is OK, because on the other routeros, where is mikrotik situated and is in needed version that NAT rule is ok and winbox connection is function. My mistake in NAT settings is out. Probably there is a mistake or system error of producer this system.
1.1.1.1:62003 is DST-NAT at 192.168.2.3:60003, winbox port is set on port 60003, version of mikrotik is 3.9
(1.1.1.1 is my public IP)
Anoher idea,
how can I set SNAT DNAT rules, that mikrotik on private address 192.168.2.3 be accessible when I connect on public address 1.1.1.2
src-nat rules configuration is reversed dst-nat rule configuration. src-nat rule is required, if you want to set that private host should always sent traffic trough specific IP address [it is required when direct communication is required between host in private network and public host].