Community discussions

MikroTik App
 
felipe98
just joined
Topic Author
Posts: 2
Joined: Thu Sep 02, 2021 5:48 pm

I can't forward ports 80 and 443

Thu Sep 02, 2021 6:19 pm

I am trying to forward ports 80 and 443 to an internal server on my network but nothing I try reading on the forum works.
I have OpenVPN port forwarding configured in (1194 UDP) and it works fine, so the network seems to be correctly configured and accessible

The structure of my network is basically the following:
INTERNET <--> ISP Router (Fort forwarding tested and works without problems) <--> RouterOS <--> pfSense <--> LAN


The servers are correctly configured and I can see the webs by accessing them directly

The complete configuration of my RouterOS is as follows:
[admin@MikroTik] > export hide-sensitive 
# sep/02/2021 17:13:48 by RouterOS 6.48.3
# software id = JQ5S-TZ2K
#
# model = CRS326-24G-2S+
# serial number = DA720EACEB7E
/interface bridge
add admin-mac=2C:C8:1B:5E:D1:23 auto-mac=no comment=defconf name=bridge
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.1.100-192.168.1.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name=dhcp1
/interface bridge port
add bridge=bridge comment=defconf disabled=yes interface=ether1
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface=ether8
add bridge=bridge comment=defconf interface=ether9
add bridge=bridge comment=defconf interface=ether10
add bridge=bridge comment=defconf interface=ether11
add bridge=bridge comment=defconf interface=ether12
add bridge=bridge comment=defconf interface=ether13
add bridge=bridge comment=defconf interface=ether14
add bridge=bridge comment=defconf interface=ether15
add bridge=bridge comment=defconf interface=ether16
add bridge=bridge comment=defconf interface=ether17
add bridge=bridge comment=defconf interface=ether18
add bridge=bridge comment=defconf interface=ether19
add bridge=bridge comment=defconf interface=ether20
add bridge=bridge comment=defconf interface=ether21
add bridge=bridge comment=defconf interface=ether22
add bridge=bridge comment=defconf interface=ether23
add bridge=bridge comment=defconf interface=ether24
add bridge=bridge comment=defconf interface=sfp-sfpplus1
add bridge=bridge comment=defconf interface=sfp-sfpplus2
/interface list member
add interface=ether1 list=WAN
add interface=bridge list=LAN
/ip address
add address=192.168.1.1/24 comment=defconf interface=bridge network=192.168.1.0
add address=192.168.0.2/24 interface=ether1 network=192.168.0.0
/ip dhcp-client
add interface=ether1
/ip dhcp-server lease
add address=192.168.1.47 mac-address=F0:92:1C:0A:94:9A server=dhcp1
add address=192.168.1.2 mac-address=9A:1D:1E:87:AC:94 server=dhcp1
/ip dhcp-server network
add address=192.168.1.0/24 gateway=192.168.1.1 netmask=24
/ip dns
set servers=192.168.1.2,8.8.8.8,1.1.1.1,8.8.4.4,1.0.0.1
/ip firewall nat
add action=masquerade chain=srcnat disabled=yes out-interface-list=WAN
add action=dst-nat chain=dstnat log=yes protocol=tcp src-port=80 to-addresses=192.168.1.2 to-ports=80
add action=dst-nat chain=dstnat protocol=tcp src-port=443 to-addresses=192.168.1.2 to-ports=443
add action=dst-nat chain=dstnat protocol=udp src-port=1194 to-addresses=192.168.1.2 to-ports=1194
/ip route
add distance=1 gateway=192.168.0.1
add distance=1 dst-address=192.1.0.0/16 gateway=192.168.1.2
/ip service
set www port=8080
set www-ssl port=4443
/system clock
set time-zone-name=Europe/Madrid
/system routerboard settings
set boot-os=router-os
Thank you very much for the help, I am new in RouterOS and I am having a hard time configuring everything ...
 
felipe98
just joined
Topic Author
Posts: 2
Joined: Thu Sep 02, 2021 5:48 pm

Re: I can't forward ports 80 and 443

Sat Sep 04, 2021 10:00 pm

Finally i can solve the problem.
The problem was, of course, a bad configuration.

I dont need src-port, i need dst-port in configs.

The smallest mistakes are the most time consuming as always.

Who is online

Users browsing this forum: unhuzpt and 25 guests