Community discussions

MikroTik App
 
ljelic
just joined
Topic Author
Posts: 1
Joined: Tue Aug 31, 2021 10:39 am

SSH NAT forwarding

Tue Aug 31, 2021 1:55 pm

Hi,

i have an issue i hope you can help me.

I have a Mikrotik LtAP mini, with assigned VPN certificate. I have a Linux machine connected with an ethernet cable to the mikrotik, it has a fixed IP address of 192.168.88.50.
I created a NAT rule, General: dstnat dstn port 52022, tcp, Action:to addresses: 192.168.88.50, to ports 52022

when I try to connect to the Linux machine over the mikrotik VPN IP address on port 52022 i get a: "connection refused" error.

i also have an openVPN certificate installed on the machine and I can connect to the machine over port 22?!

the most intriguing part that it worked on Friday, and from Monday it is working no more, no updates were made...

any suggestions?
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: SSH NAT forwarding

Tue Aug 31, 2021 4:18 pm

I created a NAT rule, General: dstnat dstn port 52022, tcp, Action:to addresses: 192.168.88.50, to ports 52022

If you did not manually configure ssh server on linux machine to listen to non-standard port, the correct DST-NAT rule would be

/ip firewall nat
add chain=dstnat action=dst-nat protocol=tcp dst-port=52022 to-addresses=192.168.88.50 to-ports=22

You may want to limit the DST-NAT rule to act only on particular interfaces (e.g. the VPN interface).

Who is online

Users browsing this forum: Google [Bot] and 22 guests