Community discussions

MikroTik App
 
levimester
just joined
Topic Author
Posts: 2
Joined: Sat Apr 07, 2018 1:41 pm

Port forwarding behind CGNAT

Sat Apr 07, 2018 2:05 pm

Dear All,

I need some help with configuring port forwarding on a Mikrotik RB951G-2Hnd.
It seems that my Mikrotik router is behind a Carrier Grade NAT (CGN). The IP Address in the Mikrotik configuration is from 100.64.0.0/10, but when I check my public IP I can see something totally different, and my public IP address is changing dynamically.

After some searching on google I found this article: https://wiki.mikrotik.com/wiki/Manual:I ... Source_NAT
Tha last part is about Carrier-Grade NAT, but I could not really figure out how to apply this to my router.

I also enabled DDNS in the Miktortik configuration, but it is not working properly and I get this error message:
DDNS server received request from IP 94.248.149.102 but your local IP was 100.64.151.58; DDNS service might not work.

Can someone please help me with how I can configura a NAT rule or something, so that I can reach my Mikrotik router from outside of my LAN?
 
neu
newbie
Posts: 36
Joined: Sat Apr 07, 2018 9:58 pm

Re: Port forwarding behind CGNAT

Thu Apr 26, 2018 3:20 pm

Please ensure you are getting Public IP from your ISP.
You can only able to access your local Server from Internet, if your WAN has assigned with Public IP.
neuCRM (http://neucrm.com) is full featured ISP Billing CRM software package for Mikrotik RouterOS.
 
User avatar
Anumrak
Forum Guru
Forum Guru
Posts: 1180
Joined: Fri Jul 28, 2017 2:53 pm

Re: Port forwarding behind CGNAT

Thu Apr 26, 2018 3:38 pm

Unfortunately, there is now way to forward traffic to you from ISP router, except you working in this ISP :(
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1637
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Randburg
Contact:

Re: Port forwarding behind CGNAT

Thu Apr 26, 2018 5:02 pm

You can try this script for double NAT

https://wiki.mikrotik.com/wiki/Dynamic_ ... behind_NAT
MTCNA, MTCTCE, MTCRE & MTCINE
 
solar77
Member
Member
Posts: 450
Joined: Thu Feb 04, 2016 11:42 am
Location: Scotland

Re: Port forwarding behind CGNAT

Thu Apr 26, 2018 5:06 pm

This is completely up to your ISP. Technically there is nothing you can do. When the traffic heads to "your public IP", it's the router that holds that IP address can decide what to do with that traffic. That router belongs to the ISP.

However I am almost certain your ISP would provide you with an Public IP, in exchange for cash :D
MTCNA MTCTCE UEWA
 
User avatar
MangleRule
Frequent Visitor
Frequent Visitor
Posts: 60
Joined: Mon May 07, 2018 1:05 am

Re: Port forwarding behind CGNAT

Fri May 11, 2018 10:16 pm

You can setup a MikroTik Cloud Hosted Router on Amazon AWS and use that as a VPN concentrator. Then you can connect your device (laptop, phone, etc) to the VPN and also connect your MikroTik at home to the VPN to get remote access without a public IP.
MTCNAMTCREMTCINE | MTCTCE | MTCUME | UBWA
 
RoadkillX
Frequent Visitor
Frequent Visitor
Posts: 87
Joined: Sun Apr 22, 2018 6:00 pm
Location: Spain

Re: Port forwarding behind CGNAT

Fri May 11, 2018 11:43 pm

If you just want to be able to connect via ssh and manage your devices you can use a tor hidden service, if you want to host something on the internet then you have to ask you isp for upnp on your interface or static port nat mapping or 1:1.

Who is online

Users browsing this forum: dlocatelli, JPMARTINS, patrickmkt, shimitanaka, tdw and 89 guests