Community discussions

MikroTik App
 
kd7vea
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 85
Joined: Fri Dec 08, 2017 7:52 pm

cant access my second webserver on Public side

Sun Aug 19, 2018 2:05 am

so I have a webserver that I created the 3 NAT rules for and it works as it should. I now have a second webserver that I need to Port forward to the internet but I cant quite get it to work. the new server has an internal address of 192.168.1.26. I am port forwarding it from port 82 inbound. I can access it with the public address and the internal address as long as I am on my own network, but I still cannot access it from the public side. I have to be missing something small. here are my rules.

This rule has been in place for my first webserver
chain: srcnat
out interface: Wan
action: Masquerade

Next rule
Chain dstnat
Dst. Address 160.7.249.40
Protocol 6 (tcp)
Dst. Port 82
Action dst-nat
To Addresses 192.168.1.26
To Ports 80

Last Rule
Chain srcnat
Src. Address 192.168.1.0/24
Dst. Address 192.168.1.26
Protocol 6 (tcp)
out interface ethe2
action masquerade
to port 82
 
szt
just joined
Posts: 19
Joined: Mon Aug 06, 2018 9:43 pm
Location: Olomouc, Czech Republic
Contact:

Re: cant access my second webserver on Public side

Sun Aug 19, 2018 10:24 am

Please export your whole configuration here by ("/export hide-sensitive") command

Also, make sure you have DSTNATed connections allowed in your firewall forward chain.
add action=accept chain=forward comment="allow DSTNATed" connection-nat-state=dstnat connection-state=new in-interface=Wan
--

BTW, are you sure that it is functioning from internal? I am afraid that there should be

Last Rule
Chain srcnat Src. Address 192.168.1.0/24 Dst. Address 192.168.1.26 Protocol 6 (tcp) out interface ethe2 action masquerade to port 80
instead of
Chain srcnat Src. Address 192.168.1.0/24 Dst. Address 192.168.1.26 Protocol 6 (tcp) out interface ethe2 action masquerade to port 82

Who is online

Users browsing this forum: GrandTotal and 92 guests