I have OpenVPN port forwarding configured in (1194 UDP) and it works fine, so the network seems to be correctly configured and accessible
The structure of my network is basically the following:
INTERNET <--> ISP Router (Fort forwarding tested and works without problems) <--> RouterOS <--> pfSense <--> LAN
The servers are correctly configured and I can see the webs by accessing them directly
The complete configuration of my RouterOS is as follows:
Code: Select all
[admin@MikroTik] > export hide-sensitive
# sep/02/2021 17:13:48 by RouterOS 6.48.3
# software id = JQ5S-TZ2K
#
# model = CRS326-24G-2S+
# serial number = DA720EACEB7E
/interface bridge
add admin-mac=2C:C8:1B:5E:D1:23 auto-mac=no comment=defconf name=bridge
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.1.100-192.168.1.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name=dhcp1
/interface bridge port
add bridge=bridge comment=defconf disabled=yes interface=ether1
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface=ether8
add bridge=bridge comment=defconf interface=ether9
add bridge=bridge comment=defconf interface=ether10
add bridge=bridge comment=defconf interface=ether11
add bridge=bridge comment=defconf interface=ether12
add bridge=bridge comment=defconf interface=ether13
add bridge=bridge comment=defconf interface=ether14
add bridge=bridge comment=defconf interface=ether15
add bridge=bridge comment=defconf interface=ether16
add bridge=bridge comment=defconf interface=ether17
add bridge=bridge comment=defconf interface=ether18
add bridge=bridge comment=defconf interface=ether19
add bridge=bridge comment=defconf interface=ether20
add bridge=bridge comment=defconf interface=ether21
add bridge=bridge comment=defconf interface=ether22
add bridge=bridge comment=defconf interface=ether23
add bridge=bridge comment=defconf interface=ether24
add bridge=bridge comment=defconf interface=sfp-sfpplus1
add bridge=bridge comment=defconf interface=sfp-sfpplus2
/interface list member
add interface=ether1 list=WAN
add interface=bridge list=LAN
/ip address
add address=192.168.1.1/24 comment=defconf interface=bridge network=192.168.1.0
add address=192.168.0.2/24 interface=ether1 network=192.168.0.0
/ip dhcp-client
add interface=ether1
/ip dhcp-server lease
add address=192.168.1.47 mac-address=F0:92:1C:0A:94:9A server=dhcp1
add address=192.168.1.2 mac-address=9A:1D:1E:87:AC:94 server=dhcp1
/ip dhcp-server network
add address=192.168.1.0/24 gateway=192.168.1.1 netmask=24
/ip dns
set servers=192.168.1.2,8.8.8.8,1.1.1.1,8.8.4.4,1.0.0.1
/ip firewall nat
add action=masquerade chain=srcnat disabled=yes out-interface-list=WAN
add action=dst-nat chain=dstnat log=yes protocol=tcp src-port=80 to-addresses=192.168.1.2 to-ports=80
add action=dst-nat chain=dstnat protocol=tcp src-port=443 to-addresses=192.168.1.2 to-ports=443
add action=dst-nat chain=dstnat protocol=udp src-port=1194 to-addresses=192.168.1.2 to-ports=1194
/ip route
add distance=1 gateway=192.168.0.1
add distance=1 dst-address=192.1.0.0/16 gateway=192.168.1.2
/ip service
set www port=8080
set www-ssl port=4443
/system clock
set time-zone-name=Europe/Madrid
/system routerboard settings
set boot-os=router-os