Hey guys!

I've just got a new Router(Mikrotik hAP lite, RouterOS v3.41) and an dude from my local internet provider configured it for me.
I've the following config: Bridge1 and Gateway on 192.168.1.1, Router-IP: 192.168.1.253 and on the router four ethernet cables.
I am using radio link from an antenna connected to my router to my local fire department's radio link which is connected via optical fiber to the internet.
I don't know where this Bridge1 should be (I've only got one Router).

Anyway, my problem is the following:
I've got an RaspberryPI for my VPN server (OpenVPN on Port 1194). I've tried to forward this Port on my Router (192.168.1.253) because I've no access to this 192.168.1.1 and I've ran into the following problem:
I clicked onto IP -> Firewall -> NAT and used dstnat to UDP port 1194 on my RaspberryPI (internal IP: 192.168.1.20, static) which is connected via Bridge1 to ether4 port on my Router. But somehow I can't connect to it from outside. I've also configured NoIP on the RaspberryPI.

Please can somebody help me with this problem (If you need some more information, just ask for it.)? I would really appreciate it.

Kind regards
NoBrainer aka Martin

Is there any other address on this router except 192.168.1.253? Because so far it sounds like it's not really configured as router, but only a simple bridge/switch.

Yeah, my Winbox finds one 192.168.1.1 and the Router where I could log in to.

Just that we're clear, I mean addresses in IP->Addresses once you log in. What "WinBox finds" could also mean what you see in Neighbors tab, that's not important. If there's only 192.168.1.253 on this router, then you can't do anything by yourself and you must ask admin of upstream router, where the public address actually is, to forward some port(s) to you. And if your router is only bridge, let them forward it directly to Raspi's address.

So that's pretty strange... In IP->Addresses there's only 192.168.1.253 with Network 192.168.1.0 in interface bridge1.
So that means that I'll have to ask my provider if he could forward some ports for me? I just don't know, why Winbox finds 192.168.1.1 and the description of it says "MyLastname MyFirstname Address".
Which means in advance that I can forget this whole thing because there's literally one provider here and I find like 20 WiFi's with names like "Province+Number.cable".

Not really strange, it's one of possible configurations. You're behind ISP's router (192.168.1.1) and the reason why you have your own router at all is probably bacause of wifi, otherwise just a simple switch would be enough.

You could change your router to actual routing mode where you'd have 192.168.1.x on WAN and different own subnet on LAN, but unless you're affraid of ISP snooping in your LAN, there's no advantage, it would just add another NAT.

In any case, if you don't have public address on your router, there's nothing you can do without ISP's help.

So thank you for your simple but (in my opinion) very useful answer. So setting my router in routing mode won't make great changes at all for me and my ISP will have to do such things for me is what I got from your answer.
But as I said before: I don't think at all, that my ISP is capable of doing this because there are many other dudes here, who use the same ISP, which means they are probably all managed from a single router and if the ISP forwards this Port on his Router, it would (as far as I know) forward for example Traffic to Port 80 completely to my device which means that if somebody else also wants to forward the same Port, I and/or the ISP would get in trouble.
Please correct me if this was wrong, I don't know much about routers and such things, but this is as my brain got this whole story.

Your statement ion forwarding port 80 is incorrect. You are talking about a DMZ situation in wich all incoming trafic is routed to your IP. What you want is only UDP port 1194 to the ip of your pie.
This can be done. Will they do it is the million dolar question.....I assume that you need this as an incoming connection. if so you will also need to know the public IP. If this is a dynamic address then you will need to use some dynamic dns service like dyndns..

One public address and port can be used by exactly one service. So if your ISP would have only one public address for all customers, then forwarding port 80 to one of them would mean that nobody else could use it. But if they can be called ISP at all, they have more public addresses. If they had thousand addresses, they could forward port 80 to thousand customers (each from different address). That might still not be enough, but nothing is lost, because e.g. your OpenVPN couldn't care less what port it uses. It uses 1194 by default, but it will work perfectly fine with 46283 or any other of 65k ports available for every public address.

Thank you guys for your help, I really appreciate that.