I'm relatively new to mikrotik, and i'm trying to limit access on a one to one NAT
mikrotik global IP: x.x.x.1
host global IP: x.x.x.2
mikrotik internal IP: x.x.x.1
host internal IP: a.a.a.2 (let's say this is web server, so i want to allow https to come in)
i have:
chain=dstnat action=dst-nat to-addresses=a.a.a.2 dst-address=x.x.x.2
chain=srcnat action=src-nat to-addresses=x.x.x.2 src-address=a.a.a.2
so my next challenge is, how do i ONLY allow outside https request through?
i still want the internal host to go out unrestricted.
one solution is to limit the dstnat,
is that best practice? i would think that there's a way to do it through filter vs nat.
Thanks in advance!