this might be something obvious, but I just can't figure it out.
I have a LAN (10.1.1.0/24) configured and a server-lan (172.16.0.0/24).
A server (172.16.0.1) is accessable via dstnat forwarding over the Public IP of my pppoeout interface.
For simplicity's sake I'd like to be able to access the Server via its public domain (i.e. its public IP) from the LAN.
My issue seems to be that the packets never even reach the pppoeout interface (if the packet sniffer is to be believed)
As far as I understand it, I don't need any hairpin-NAT configuration as client and server are in different networks.
NAT-config:
Code: Select all
[admin@RouterOS] > /ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=masquerade out-interface-list=WAN log=no log-prefix=""
1 chain=dstnat action=dst-nat to-addresses=172.16.0.1 to-ports=443 routing-mark=""
protocol=tcp in-interface=pppoe-out1 src-port="" dst-port=4411 log=no
log-prefix=""
2 X chain=dstnat action=dst-nat to-addresses=172.16.0.1 to-ports=80 protocol=tcp
in-interface=pppoe-out1 dst-port=80 log=no log-prefix=""
3 X chain=dstnat action=dst-nat to-addresses=172.16.0.1 to-ports=443 protocol=tcp
in-interface=pppoe-out1 dst-port=443 log=no log-prefix=""