Issue:
Port forwarding with not working.
Setup:
4x PPPoE client VRRP’d to ISP, I have four public IPs, and willing to use each of them for separate purposes, they are all Dynamic.
Any hints?
the mangles:
# sep/24/2015 3:47:37 by RouterOS 6.30.2
# software id = XXXX-XXXX
#
Flags: X - disabled, I - invalid, D - dynamic
0 D chain=forward action=change-mss new-mss=1440 passthrough=yes
tcp-flags=syn protocol=tcp out-interface=all-ppp tcp-mss=1441-65535
log=no log-prefix=""
1 D chain=forward action=change-mss new-mss=1440 passthrough=yes
tcp-flags=syn protocol=tcp in-interface=all-ppp tcp-mss=1441-65535
log=no log-prefix=""
2 chain=forward action=change-mss new-mss=1440 passthrough=yes
tcp-flags=syn protocol=tcp out-interface=all-ppp tcp-mss=1441-65535
log=no log-prefix=""
3 chain=postrouting action=mark-packet new-packet-mark=bf4-out
passthrough=no protocol=udp out-interface=all-ppp
dst-port=3659,14000-14016,22990-23006,25200-25300 log=no log-prefix=""
4 chain=postrouting action=mark-packet new-packet-mark=wow-out
passthrough=no protocol=tcp out-interface=all-ppp
dst-port=3724,6112,6113,6114,4000 log=no log-prefix=""
5 chain=postrouting action=mark-packet new-packet-mark=web passthrough=no
protocol=tcp out-interface=all-ppp dst-port=80,443 log=no log-prefix=""
6 chain=postrouting action=mark-packet new-packet-mark=bf4-out
passthrough=no protocol=tcp out-interface=all-ppp
dst-port=9988,17502,20000-20100,22990,42127 log=no log-prefix=""
7 chain=prerouting action=accept in-interface=bridge1 log=no log-prefix=""
8 chain=prerouting action=mark-connection new-connection-mark=pcc1
passthrough=yes dst-address-type=!local src-address-list=LAN
in-interface=pppoe-out1 connection-mark=no-mark
per-connection-classifier=both-addresses-and-ports:3/0 log=no
log-prefix=""
9 chain=prerouting action=mark-connection new-connection-mark=pcc2
passthrough=yes dst-address-type=!local src-address-list=LAN
in-interface=pppoe-out2 connection-mark=no-mark
per-connection-classifier=both-addresses-and-ports:3/1 log=no
log-prefix=""
10 chain=prerouting action=mark-connection new-connection-mark=pcc3
passthrough=yes dst-address-type=!local src-address-list=LAN
in-interface=pppoe-out3 connection-mark=no-mark
per-connection-classifier=both-addresses-and-ports:3/2 log=no
log-prefix=""
11 chain=prerouting action=mark-connection new-connection-mark=pcc4
passthrough=yes dst-address-type=!local src-address-list=LAN
in-interface=pppoe-out4 connection-mark=no-mark
per-connection-classifier=both-addresses-and-ports:3/3 log=no
log-prefix=""
12 chain=prerouting action=mark-connection new-connection-mark=pcc1
passthrough=yes dst-address-type=!local in-interface=bridge1
connection-mark=no-mark
per-connection-classifier=both-addresses-and-ports:3/0 log=no
log-prefix=""
13 chain=prerouting action=mark-connection new-connection-mark=pcc2
passthrough=yes dst-address-type=!local in-interface=bridge1
connection-mark=no-mark
per-connection-classifier=both-addresses-and-ports:3/1 log=no
log-prefix=""
14 chain=prerouting action=mark-connection new-connection-mark=pcc3
passthrough=yes dst-address-type=!local in-interface=bridge1
connection-mark=no-mark
per-connection-classifier=both-addresses-and-ports:3/2 log=no
log-prefix=""
15 chain=prerouting action=mark-connection new-connection-mark=pcc4
passthrough=yes dst-address-type=!local in-interface=bridge1
connection-mark=no-mark
per-connection-classifier=both-addresses-and-ports:3/3 log=no
log-prefix=""
16 chain=prerouting action=mark-routing new-routing-mark=route1
passthrough=yes in-interface=bridge1 connection-mark=pcc1 log=no
log-prefix=""
17 chain=prerouting action=mark-routing new-routing-mark=route2
passthrough=yes in-interface=bridge1 connection-mark=pcc2 log=no
log-prefix=""
18 chain=prerouting action=mark-routing new-routing-mark=route3
passthrough=yes in-interface=bridge1 connection-mark=pcc3 log=no
log-prefix=""
19 chain=prerouting action=mark-routing new-routing-mark=route4
passthrough=yes in-interface=bridge1 connection-mark=pcc4 log=no
log-prefix=""
20 chain=output action=mark-routing new-routing-mark=route1 passthrough=yes
connection-mark=pcc1 log=no log-prefix=""
21 chain=output action=mark-routing new-routing-mark=route4 passthrough=yes
connection-mark=pcc4 log=no log-prefix=""
22 chain=output action=mark-routing new-routing-mark=route3 passthrough=yes
connection-mark=pcc3 log=no log-prefix=""
23 chain=output action=mark-routing new-routing-mark=route2 passthrough=yes
connection-mark=pcc2 log=no log-prefix=""
24 chain=forward action=mark-connection new-connection-mark=pcc1
passthrough=no in-interface=pppoe-out1 connection-mark=no-mark log=no
log-prefix=""
25 chain=forward action=mark-connection new-connection-mark=pcc2
passthrough=no in-interface=pppoe-out2 connection-mark=no-mark log=no
log-prefix=""
26 chain=forward action=mark-connection new-connection-mark=pcc3
passthrough=no in-interface=pppoe-out3 connection-mark=no-mark log=no
log-prefix=""
27 chain=forward action=mark-connection new-connection-mark=pcc4
passthrough=no in-interface=pppoe-out4 connection-mark=no-mark log=no
log-prefix=""
28 chain=input action=mark-connection new-connection-mark=pcc1
passthrough=no in-interface=pppoe-out1 connection-mark=no-mark log=no
log-prefix=""
29 chain=input action=mark-connection new-connection-mark=pcc2
passthrough=no in-interface=pppoe-out2 connection-mark=no-mark log=no
log-prefix=""
30 chain=input action=mark-connection new-connection-mark=pcc3
passthrough=no in-interface=pppoe-out3 connection-mark=no-mark log=no
log-prefix=""
31 chain=input action=mark-connection new-connection-mark=pcc4
passthrough=no in-interface=pppoe-out4 connection-mark=no-mark log=no
log-prefix=""
============================================
the nat:
# sep/24/2015 3:49: 9 by RouterOS 6.30.2
# software id = XXXX-XXXX
#
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; TC
chain=dstnat action=dst-nat to-addresses=192.168.88.170 to-ports=8740
protocol=tcp in-interface=pppoe-out1 dst-port=8740 log=no log-prefix=""
1 X ;;; WallProxy
chain=dstnat action=dst-nat to-addresses=192.168.88.252 to-ports=8080
protocol=tcp in-interface=pppoe-out1 dst-port=58890 log=no
log-prefix=""
2 ;;; RDP
chain=dstnat action=dst-nat to-addresses=192.168.88.130 protocol=tcp
in-interface=pppoe-out4 dst-port=3389 log=no log-prefix=""
3 chain=dstnat action=dst-nat to-addresses=192.168.88.137 to-ports=443
protocol=tcp in-interface=pppoe-out1 dst-port=7443 log=no log-prefix=""
4 ;;; Perforce
chain=dstnat action=dst-nat to-addresses=192.168.88.252 to-ports=1666
protocol=tcp in-interface=pppoe-out1 dst-port=1666 log=no
log-prefix="proxy"
5 ;;; WallProxy_Socks
chain=dstnat action=dst-nat to-addresses=192.168.10.1 to-ports=1080
protocol=tcp in-interface=pppoe-out1 dst-port=35287 log=no
log-prefix=""
6 X chain=dstnat action=dst-nat to-addresses=192.168.88.230
to-ports=55536-55599 protocol=tcp in-interface=pppoe-out1
dst-port=55536-55599 log=yes log-prefix="ftp"
7 ;;; PostgreSQL
chain=dstnat action=dst-nat to-addresses=192.168.88.252 to-ports=5432
protocol=tcp in-interface=pppoe-out1 dst-port=5432 log=no
log-prefix="postgres"
8 ;;; SSH
chain=dstnat action=dst-nat to-addresses=192.168.88.252 to-ports=22
protocol=tcp in-interface=pppoe-out1 dst-port=22 log=yes
log-prefix="ssh"
9 ;;; TLS
chain=dstnat action=dst-nat to-addresses=192.168.88.230 to-ports=5001
protocol=tcp in-interface=pppoe-out4 dst-port=443 log=no log-prefix=""
10 X ;;; Web
chain=dstnat action=dst-nat to-addresses=192.168.88.230 to-ports=5000
protocol=tcp in-interface=pppoe-out4 dst-port=80 log=no
log-prefix="nas"
11 X chain=dstnat action=dst-nat to-addresses=192.168.88.230 to-ports=22
protocol=tcp in-interface=pppoe-out1 dst-port=3022 log=yes
log-prefix="ssh"
12 X chain=dstnat action=dst-nat to-addresses=192.168.88.254 to-ports=22
protocol=tcp in-interface=pppoe-out1 dst-port=5422 log=no
log-prefix="proxy"
13 X chain=dstnat action=dst-nat to-addresses=192.168.88.230 to-ports=5000
protocol=tcp in-interface=pppoe-out1 dst-port=5000 log=no
log-prefix="socks"
14 X chain=dstnat action=dst-nat to-addresses=192.168.88.230 to-ports=5001
protocol=tcp in-interface=pppoe-out1 dst-port=5001 log=no
log-prefix="socks"
15 X chain=dstnat action=dst-nat to-addresses=192.168.88.252 to-ports=3128
protocol=tcp in-interface=pppoe-out1 dst-port=3128 log=no log-prefix=""
16 X chain=dstnat action=dst-nat to-addresses=192.168.88.230 to-ports=514
protocol=tcp in-interface=pppoe-out1 dst-port=514 log=no log-prefix=""
17 X ;;; DNS
chain=dstnat action=dst-nat to-addresses=192.168.88.254 to-ports=53
protocol=udp in-interface=pppoe-out1 dst-port=53 log=no log-prefix=""
18 chain=srcnat action=masquerade src-address=192.168.88.0/24
src-address-list=LAN out-interface=pppoe-out1 log=no log-prefix=""
19 chain=srcnat action=masquerade src-address=192.168.88.0/24
out-interface=pppoe-out2 log=no log-prefix=""
20 chain=srcnat action=masquerade src-address=192.168.88.0/24
src-address-list=LAN out-interface=pppoe-out3 log=no log-prefix=""
21 chain=srcnat action=masquerade src-address=192.168.88.0/24
src-address-list=LAN out-interface=pppoe-out4 log=no log-prefix=""
22 chain=srcnat action=accept log=no log-prefix=""