Page 1 of 1

Should be a simple task of port forwarding

Posted: Fri Oct 04, 2019 10:40 pm
by NotAnITGuy
I have a couple Cellular LTE modems that are set up with IP pass through. I am using the HAPaclite to basically create a LAN over a large area using EOIP tunneling.

Setting up the HAP using the quick setup with IP addressing and DHCP addresses that don't overlap but are still on the same network, then going through and setting up the tunnels, bridging the tunnels to the LAN Ports, has me up and running(after i disable the "drop all not coming from Lan" firewall rule)

My EOIP tunnels are running and I can talk to each HAPacLite using winbox, and I can talk to my devices that are the focus of the project as long as I am one of the connected routers. What I am trying to set up now is access to the devices from the outside world...IE my office computer on another network. However none of the NAT port forwarding rules I have tried to add will allow me to communicate.

I am looking to sit at my desktop and type into the address bar and get to the device(a) log in page.
and eventually I would like to add other :x0x0's to control other devices through port forwarding, but one thing at a time for now.

When I add a firewall(NAT) rule, does my WAN ip go in the src address or the dst address of the general tab(i assume same for the 6060 port), and does my internal IP/dst port go in the general tab or the action tab?

I have set up some simple port forwarding before but the routerboard has a few more bells and whistles than I am accustomed to.

Re: Should be a simple task of port forwarding  [SOLVED]

Posted: Fri Oct 04, 2019 11:02 pm
by ingdaka
ip firewall nat add chain=dstnat dst-address=your_Pulic_IP protocol=tcp dst-port=Public_Port action=dst-nat to-addresses=your_LAN(Device)_IP to-ports=devide_Port
Paste this to terminal of Routerboard

Re: Should be a simple task of port forwarding

Posted: Tue Oct 08, 2019 8:19 pm
by NotAnITGuy
Thank you, the Copy and paste worked on two of my HAP's the Third one I had to reset the config and start over again before the Firewall rule would work.