Hi,
I have been trying to do some port forwarding but it does not seem to be working. I remember doing this before and it worked but for some reason, now it will not.
Can somebody please help by looking through my config and seeing if there is anything wrong?
Thank you so much!
[username@MikroTik] > ip address pri
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK INTERFACE
0 ;;; defconf
192.168.88.1/24 192.168.88.0 WAN
1 10.0.20.1/24 10.0.20.0 Management
2 10.0.30.1/24 10.0.30.0 Internet
3 D 90.196.151.83/32 2.127.238.201 ADSL
[mark@MikroTik] > int pri
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE ACTUAL-MTU L2MTU MAX-L2MTU MAC-ADDRESS
0 R Link_to_HP ether 1500 1598 4074 D4:CA:6D:B5:5C:B8
1 PoE ether 1500 1598 4074 D4:CA:6D:B5:5C:B6
2 Port4 ether 1500 1598 4074 D4:CA:6D:B5:5C:B9
3 Port5 ether 1500 1598 4074 D4:CA:6D:B5:5C:BA
4 R WAN ether 1500 1598 4074 D4:CA:6D:B5:5C:B7
5 R ADSL pppoe-out 1480
6 R Internet vlan 1500 1594 D4:CA:6D:B5:5C:B8
7 R Management vlan 1500 1594 D4:CA:6D:B5:5C:B8
[mark@MikroTik] > ip fi nat pri
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; defconf: masquerade
chain=srcnat action=masquerade out-interface=WAN log=no log-prefix=""
1 chain=srcnat action=masquerade src-address=192.168.88.0/24 log=no log-prefix=""
2 chain=srcnat action=masquerade src-address=10.0.20.0/24 log=no log-prefix=""
3 chain=srcnat action=masquerade src-address=10.0.30.0/24 log=no log-prefix=""
4 ;;; CODMW2_1/5
chain=dstnat action=dst-nat to-addresses=10.0.30.13 to-ports=1500 protocol=udp dst-address=90.196.151.83 in-interface=Internet dst-port=1500 log=no log-prefix=""
5 ;;; CODMW2_2/5
chain=dstnat action=dst-nat to-addresses=10.0.30.13 to-ports=3005 protocol=udp dst-address=90.196.151.83 in-interface=Internet dst-port=3005 log=no log-prefix=""
6 ;;; CODMW2_3/5
chain=dstnat action=dst-nat to-addresses=10.0.30.13 to-ports=3101 protocol=udp dst-address=90.196.151.83 in-interface=Internet dst-port=3101 log=no log-prefix=""
7 ;;; CODMW2_4/5
chain=dstnat action=dst-nat to-addresses=10.0.30.13 to-ports=28960 protocol=udp dst-address=90.196.151.83 in-interface=Internet dst-port=28960 log=no log-prefix=""
8 ;;; CODMW2_5/5
chain=dstnat action=dst-nat to-addresses=10.0.30.13 to-ports=27015 protocol=tcp dst-address=90.196.151.83 in-interface=Internet dst-port=27015 log=no log-prefix=""
9 ;;; Utorrent
chain=dstnat action=dst-nat to-addresses=10.0.30.13 to-ports=48085 protocol=tcp in-interface=Internet dst-port=48085 log=no log-prefix=""
[mark@MikroTik] > ip fi fi pri
Flags: X - disabled, I - invalid, D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=forward
1 ;;; Utorrent
chain=forward action=accept protocol=tcp dst-port=48085 log=no log-prefix=""
2 ;;; defconf: accept ICMP
chain=input action=accept protocol=icmp log=no log-prefix=""
3 ;;; defconf: accept establieshed,related
chain=input action=accept connection-state=established,related log=no log-prefix=""
4 ;;; defconf: drop all from WAN
chain=input action=drop in-interface=PoE log=no log-prefix=""
5 ;;; defconf: fasttrack
chain=forward action=fasttrack-connection connection-state=established,related log=no log-prefix=""
6 ;;; defconf: accept established,related
chain=forward action=accept connection-state=established,related log=no log-prefix=""
7 ;;; defconf: drop invalid
chain=forward action=drop connection-state=invalid log=no log-prefix=""
8 ;;; defconf: drop all from WAN not DSTNATed
chain=forward action=drop connection-state=new connection-nat-state=!dstnat in-interface=PoE log=no log-prefix=""
9 ;;; Allow Limited Pings
chain=input action=accept protocol=icmp limit=50/5s,2:packet log=no log-prefix=""
10 chain=output action=accept protocol=tcp content=530 Login Incorrect dst-limit=1/1m,9,dst-address/1m log=no log-prefix=""
11 chain=output action=add-dst-to-address-list protocol=tcp address-list=ftp_blacklist address-list-timeout=3h content=530 Login Incorrect log=no log-prefix=""
12 ;;; Drop Brute Forcers
chain=input action=drop protocol=tcp src-address-list=ssh_blacklist dst-port=22 log=no log-prefix=""
13 chain=input action=add-src-to-address-list connection-state=new protocol=tcp src-address-list=ssh_stage3 address-list=ssh_blacklist address-list-timeout=1w3d dst-port=2>
log=no log-prefix=""
14 chain=input action=add-src-to-address-list connection-state=new protocol=tcp src-address-list=ssh_stage2 address-list=ssh_stage3 address-list-timeout=1m dst-port=22
log=no log-prefix=""
15 chain=input action=add-src-to-address-list connection-state=new protocol=tcp src-address-list=ssh_stage1 address-list=ssh_stage2 address-list-timeout=1m dst-port=22
log=no log-prefix=""
16 ;;; SSH Create Blacklist
chain=input action=add-src-to-address-list connection-state=new protocol=tcp address-list=ssh_stage1 address-list-timeout=1m dst-port=22 log=no log-prefix=""
17 ;;; SSH
chain=input action=accept protocol=tcp dst-port=22 log=no log-prefix=""
18 ;;; Drop Invalid Connections
chain=input,forward action=drop connection-state=invalid log=no log-prefix=""
19 ;;; Drop Excess Pings
chain=input action=drop protocol=icmp log=no log-prefix=""
20 ;;; Drop FTP Brute Forcers
chain=input action=drop protocol=tcp src-address-list=ftp_blacklist dst-port=21 log=no log-prefix=""
21 ;;; Drop SSH Brute Forcers
chain=input action=drop protocol=tcp src-address-list=ssh_blacklist dst-port=22 log=no log-prefix=""
22 ;;; Drop Everything Else
chain=input action=drop log=no log-prefix=""
[username@MikroTik] >
10.0.30.13 is the IP of the PC that I want to forward the ports to.
Any help would be very appreciated, thank you.