Thanks Sam!
Here are the rules for filter and nat.
[admin@LunaTik] ip firewall filter> print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; Drop invalid connections
chain=input connection-state=invalid action=drop
1 ;;; Allow established connections
chain=input connection-state=established action=accept
2 ;;; Allow related connections
chain=input connection-state=related action=accept
3 ;;; drop ssh brute forcers
chain=input protocol=tcp dst-port=22 src-address-list=black_list action=drop
4 ;;; ssh-brute to blacklist
chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage3 action=add-src-to-address-list
address-list=black_list address-list-timeout=2w1d
5 ;;; ssh-brute -stage 3
chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage2 action=add-src-to-address-list
address-list=ssh_stage3 address-list-timeout=2m
6 ;;; ssh-brute -stage 2
chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage1 action=add-src-to-address-list
address-list=ssh_stage2 address-list-timeout=2m
7 ;;; ssh-brute - stage 1
chain=input protocol=tcp dst-port=22 connection-state=new action=add-src-to-address-list address-list=ssh_stage1
address-list-timeout=1m
8 ;;; Allow UDP
chain=input protocol=udp action=accept
9 ;;; Allow ICMP Ping
chain=input protocol=icmp action=accept
10 ;;; Allow access from our local network
chain=input src-address=10.0.2.0/24 action=accept
11 ;;; Mikrotik Winbox
chain=input in-interface=Publica dst-port=8291 action=accept
12 ;;; Mikrotik SSH
chain=input in-interface=Publica dst-address=0.0.0.0/0 dst-port=22 action=accept
13 ;;; Indy SSH
chain=input in-interface=Publica dst-address=0.0.0.0/0 dst-port=2222 action=accept
14 ;;; Uvnc
chain=input in-interface=Publica protocol=tcp dst-port=4000-4001 action=accept
15 ;;; Uvnc a SERVER-MX
chain=input in-interface=Publica protocol=tcp dst-port=4003-4004 action=accept
16 ;;; Terminal Server a SERVER-MX
chain=input in-interface=Publica protocol=tcp dst-port=4005 action=accept
17 ;;; KB 9000
chain=input in-interface=Publica dst-address=0.0.0.0/0 protocol=tcp dst-port=9000 action=accept
18 ;;; ? Copiada de Indy
chain=input in-interface=Publica dst-address=0.0.0.0/0 protocol=tcp dst-port=8000 action=accept
19 ;;; VMWare Web
chain=input in-interface=Publica dst-address=0.0.0.0/0 protocol=tcp dst-port=8333 action=accept
20 ;;; VMWare Consola
chain=input in-interface=Publica dst-address=0.0.0.0/0 protocol=tcp dst-port=902 action=accept
21 X ;;; MSN Messenger
chain=forward protocol=tcp dst-port=1863 action=drop
22 X ;;; MSN Messenger
chain=forward dst-address=207.46.110.0/24 protocol=tcp action=drop
23 X ;;; MSN Messenger
chain=forward protocol=tcp dst-port=5190 action=drop
24 X ;;; MSN Messenger
chain=forward protocol=tcp dst-port=6901 action=drop
25 X ;;; MSN Messenger
chain=forward protocol=tcp dst-port=6891-6900 action=drop
26 ;;; jump to chain ICMP
chain=input protocol=icmp action=jump jump-target=ICMP
27 ;;; jump to chain services
chain=input action=jump jump-target=services
28 ;;; Allow Broadcast Traffic
chain=input dst-address-type=broadcast action=accept
29 ;;; Log and drop everything else
chain=input action=log log-prefix="Filter:"
30 chain=input action=drop
31 ;;; 0:0 and limit for 5pac/s
chain=ICMP protocol=icmp icmp-options=0:0-255 limit=5,5 action=accept
32 ;;; 3:3 and limit for 5pac/s
chain=ICMP protocol=icmp icmp-options=3:3 limit=5,5 action=accept
33 ;;; 3:4 and limit for 5pac/s
chain=ICMP protocol=icmp icmp-options=3:4 limit=5,5 action=accept
34 ;;; 8:0 and limit for 5pac/s
chain=ICMP protocol=icmp icmp-options=8:0-255 limit=5,5 action=accept
35 ;;; 11:0 and limit for 5pac/s
chain=ICMP protocol=icmp icmp-options=11:0-255 limit=5,5 action=accept
36 ;;; Drop everything else
chain=ICMP protocol=icmp action=drop
[admin@LunaTik] ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
1 ;;; NAT internal network to go out
chain=srcnat out-interface=Publica action=masquerade
4 ;;; KB
chain=dstnat in-interface=Publica protocol=tcp dst-port=9000 action=dst-nat to-addresses=10.0.2.2 to-ports=9000
5 ;;; Webmail
chain=dstnat in-interface=Publica protocol=tcp dst-port=2000 action=dst-nat to-addresses=10.0.2.200 to-ports=2000
I have other NAT rules for eMule, VNC, etc., forwarding certain ports.
However, as I said in my previous posts, these are the two relevant ones.
I need to be able to access "me.host.com:9000" and have it be the same as writing "10.0.2.2:9000".
With my local IP it works, but not with the hostname.
Thanks for your help!
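Added example, not part of the original post: a small Python audit of the filter listing above that flags rules which can never fire because an earlier terminating rule in the same chain already matches the same traffic. The function names are hypothetical, matching is by exact key=value equality only (no CIDR or port-range containment), and the sample is an excerpt copied from the printout.

```python
import re

# Excerpt copied from the `ip firewall filter print` output above.
SAMPLE = """\
9 ;;; Allow ICMP Ping
chain=input protocol=icmp action=accept
26 ;;; jump to chain ICMP
chain=input protocol=icmp action=jump jump-target=ICMP
29 ;;; Log and drop everything else
chain=input action=log log-prefix="Filter:"
30 chain=input action=drop
31 ;;; 0:0 and limit for 5pac/s
chain=ICMP protocol=icmp icmp-options=0:0-255 limit=5,5 action=accept
36 ;;; Drop everything else
chain=ICMP protocol=icmp action=drop
"""

TERMINAL = {"accept", "drop", "reject"}  # actions that stop rule processing
# Properties that describe what a rule does, not what it matches.
PARAMS = {"chain", "action", "jump-target", "log-prefix", "address-list", "address-list-timeout"}

def parse_rules(text):
    """Parse the print listing into dicts: id, disabled flag, key=value props."""
    rules = []
    for line in text.splitlines():
        head = re.match(r"\s*(\d+)\s+(X\s)?\s*(.*)", line)
        if head:  # "N [X] ;;; comment" or "N key=value ..."
            rules.append({"id": int(head.group(1)),
                          "disabled": bool(head.group(2)), "props": {}})
            line = "" if head.group(3).startswith(";;;") else head.group(3)
        if rules:
            rules[-1]["props"].update(re.findall(r'([\w-]+)=("[^"]*"|\S+)', line))
    return rules

def matchers(rule):
    return {k: v for k, v in rule["props"].items() if k not in PARAMS}

def shadowed(rules):
    """Return (later_id, earlier_id) pairs where the earlier rule always wins."""
    active = [r for r in rules if not r["disabled"]]
    found = []
    for i, later in enumerate(active):
        for earlier in active[:i]:
            m = matchers(earlier)
            if (earlier["props"].get("chain") == later["props"].get("chain")
                    and earlier["props"].get("action") in TERMINAL
                    and "limit" not in m  # rate-limited rules match only sometimes
                    and m.items() <= matchers(later).items()):
                found.append((later["id"], earlier["id"]))
                break
    return found
```

On this excerpt `shadowed(parse_rules(SAMPLE))` returns `[(26, 9)]`: rule 9 accepts all ICMP on the input chain before rule 26 can jump to the ICMP chain, so the 5 packets/s limits there are never applied.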