Page 1 of 1

DST NAT on 3 Mikrotiks

Posted: Mon Jan 21, 2019 11:25 pm
by miltont
I need to achieve DST Nat to port 8282
Default Gateway
Client has Mikrotik RB RB4011 Model
connects to thru PTP Connection to that has Public Interface 24.139.x.x (Public IP)

Do i have to create DST NAT Rules on the 3 Mikrotiks?
What would be the order of Ips on each Rule?

Re: DST NAT on 3 Mikrotiks

Posted: Mon Jan 21, 2019 11:58 pm
by anav
3 Mikrotiks??
You are only showing one??

Basically Destination NAT rule and firewall rule go hand in hand. One needs an allow rule in the forward chain so that all DST rules will work.
/ip firewall filter
add action=accept chain=forward comment=\
"Allow Port Forwarding" connection-nat-state=dstnat

Then you can make as many dst-nat rules as are required.
/ip firewall nat
add action=dst-nat chain=dstnat comment=MyPortFowardRule dst-port=8282 \
in-interface-list=WAN protocol=tcp to-addresses=

(assumed protocol TCP as it was not detailed).

If you have multiple MT devices between the server and the internet make a diagram and annotate them with numbers.
For example if there is an MT in between, the only difference is the MT downstreap (its LANIP on the first MT) which is really also its WANIP would be the to-address LOL.
See diagrams will help.

Re: DST NAT on 3 Mikrotiks

Posted: Tue Jan 22, 2019 8:14 am
by mkx
Whether you have to create 3 DST-NAT rules or not largely depends on topology and configuration of your whole network. Ideally create a simple chart showing your different LAN segments and briefly describe what are your goals. It might turn out that your current setup is over complicated ...