Community discussions

 
IgorKa
just joined
Topic Author
Posts: 2
Joined: Thu Jul 20, 2017 12:21 am

Port forwarding problem

Thu Dec 20, 2018 3:09 pm

Dear
I have a problem with MT configuration. I dont why but when I add a NAT rule like this
/ip firewall nat add chain=dstnat dst-address=MY_PUBLIC_IP dst-port=80 action=dst-nat protocol=tcp to-address=10.0.0.101 to-port=80
I have no packages incoming

If I remove dst-address it’s start to work but then when I connect from local subnet I have an issue because I connect to Microsoft SQL web page or something like this.

I have a newest software release and the newest firmware (6.43.7)
I try to make downgrade but without success!!

Could someone help me!!!
Please!!!

Igor
 
User avatar
nickshore
Member
Member
Posts: 473
Joined: Thu Mar 03, 2005 4:14 pm
Location: Suffolk, UK.
Contact:

Re: Port forwarding problem

Thu Dec 20, 2018 3:44 pm

1) don't specify the to-port=80, you don't need to if the port is the same.

2) check that you have an ip filter forward chain rule which allows the traffic to port 80 on 10.0.0.101

3) check that the device 10.0.0.101 has a default route back to the routerboard.
Nick Shore MTCNA MTCWE MTCRE MTCINE MTCTCE
LinITX.com - MultiThread Consultants
Get your MikroTik RBs and Training: http://linitx.com/brand/mikrotik
Official UK MikroTik Distributor
IRC chan: #routerboard on irc.z.je (IPv4 and IPv6)
 
anav
Forum Guru
Forum Guru
Posts: 3106
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: Port forwarding problem

Fri Dec 21, 2018 4:13 pm

Regarding the firewall filter rule noted above, only one rule is needed which covers all port forwarding
add action=accept chain=forward comment=\
"Allow Port Forwarding " connection-nat-state=dstnat

This assumes you have a drop all else rule at the end of the forward chain.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)

Who is online

Users browsing this forum: No registered users and 51 guests