Community discussions

MikroTik App
 
JSgn
just joined
Topic Author
Posts: 2
Joined: Mon Jan 09, 2023 4:14 pm

Accessing server on one LAN from another LAN via its FQDN

Mon Jan 09, 2023 4:57 pm

Hi,
this might be something obvious, but I just can't figure it out.
I have a LAN (10.1.1.0/24) configured and a server-lan (172.16.0.0/24).
A server (172.16.0.1) is accessable via dstnat forwarding over the Public IP of my pppoeout interface.
For simplicity's sake I'd like to be able to access the Server via its public domain (i.e. its public IP) from the LAN.
My issue seems to be that the packets never even reach the pppoeout interface (if the packet sniffer is to be believed)

As far as I understand it, I don't need any hairpin-NAT configuration as client and server are in different networks.

NAT-config:
[admin@RouterOS] > /ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic 
 0    chain=srcnat action=masquerade out-interface-list=WAN log=no log-prefix="" 

 1    chain=dstnat action=dst-nat to-addresses=172.16.0.1 to-ports=443 routing-mark="" 
      protocol=tcp in-interface=pppoe-out1 src-port="" dst-port=4411 log=no 
      log-prefix="" 

 2 X  chain=dstnat action=dst-nat to-addresses=172.16.0.1 to-ports=80 protocol=tcp 
      in-interface=pppoe-out1 dst-port=80 log=no log-prefix="" 

 3 X  chain=dstnat action=dst-nat to-addresses=172.16.0.1 to-ports=443 protocol=tcp 
      in-interface=pppoe-out1 dst-port=443 log=no log-prefix="" 
You do not have the required permissions to view the files attached to this post.
 
JSgn
just joined
Topic Author
Posts: 2
Joined: Mon Jan 09, 2023 4:14 pm

Re: Accessing server on one LAN from another LAN via its FQDN  [SOLVED]

Tue Jan 10, 2023 2:32 pm

found my issue.
DST-NAT rule was limited to incoming from pppoeout1

Who is online

Users browsing this forum: AtomikRoach, hatred, jfox, mszru, neki, tesme33 and 49 guests