Community discussions

MikroTik App
 
User avatar
imlenkon
just joined
Topic Author
Posts: 16
Joined: Wed Mar 19, 2014 9:04 am
Location: Dhaka
Contact:

Local DNS

Sat May 06, 2017 11:04 am

My local LAN is 192.168.2.1/24, My web server ip is 1921.68.2.250 but i want to now access all of my user visit my web server as a domain (imlenkon.com). like they enter browser imlenkon.com its go to 192.168.2.250.
Abdul Kader Linkon
Network Engineer
CIS, MCSE, CWNA,CEH
Mikrotik Consultant
MUM Presenter
MTCRE, MTCNA
https://www.facebook.com/groups/mikrotikexperts/
 
Pea
Member Candidate
Member Candidate
Posts: 206
Joined: Fri Jul 17, 2015 11:07 pm
Location: Czech

Re: Local DNS

Sat May 06, 2017 11:33 am

Do you have your domain DNS/DDNS name registered with your WAN IP address?
If yes, then you can do it with NAT.
These 3 lines will make your web server accessible from internet and also from LAN by your domain name:
/ip firewall filter
add action=accept chain=forward comment="Accept dstnat pinholes" connection-nat-state=dstnat

/ip firewall nat
add action=dst-nat chain=dstnat comment="WAN to web server" dst-address-type=local dst-port=80,443 protocol=tcp to-addresses=192.168.2.250
add action=masquerade chain=srcnat comment="LAN to web server" dst-address=192.168.2.250 protocol=tcp src-address=192.168.2.1/24
Edit: Thank you Sob, dst-port corrected
Last edited by Pea on Sat May 06, 2017 11:11 pm, edited 1 time in total.
 
Sob
Forum Guru
Forum Guru
Posts: 5590
Joined: Mon Apr 20, 2009 9:11 pm

Re: Local DNS

Sat May 06, 2017 9:29 pm

If it's just web server, it's good idea to have dstnat rule with dst-port=80,443, otherwise all ports will go there.
People who quote full posts should be spanked with ethernet cable. Some exceptions for multi-topic threads may apply. Not intended as incentive for masochists.
 
User avatar
imlenkon
just joined
Topic Author
Posts: 16
Joined: Wed Mar 19, 2014 9:04 am
Location: Dhaka
Contact:

Re: Local DNS

Sun May 07, 2017 12:04 pm

[quote="Pea"]Do you have your domain DNS/DDNS name registered with your WAN IP address?
If yes, then you can do it with NAT.
These 3 lines will make your web server accessible from internet and also from LAN by your domain name:
/ip firewall filter
add action=accept chain=forward comment="Accept dstnat pinholes" connection-nat-state=dstnat

/ip firewall nat
add action=dst-nat chain=dstnat comment="WAN to web server" dst-address-type=local dst-port=80,443 protocol=tcp to-addresses=192.168.2.250
add action=masquerade chain=srcnat comment="LAN to web server" dst-address=192.168.2.250 protocol=tcp src-address=192.168.2.1/24
Thnx for your Reply,
I don't need to access from internet, i need only from my Local network IP to Domain name Like 192.168.2.250 convert to imlenkon.com, then user just enter their browser imlenkon.com then access 192.168.2.250 how is it possible???
Abdul Kader Linkon
Network Engineer
CIS, MCSE, CWNA,CEH
Mikrotik Consultant
MUM Presenter
MTCRE, MTCNA
https://www.facebook.com/groups/mikrotikexperts/
 
Sob
Forum Guru
Forum Guru
Posts: 5590
Joined: Mon Apr 20, 2009 9:11 pm

Re: Local DNS

Sun May 07, 2017 3:13 pm

If users have router as DNS resolver, you can do:
/ip dns static
add address=192.168.2.250 name=imlenkon.com
People who quote full posts should be spanked with ethernet cable. Some exceptions for multi-topic threads may apply. Not intended as incentive for masochists.
 
User avatar
imlenkon
just joined
Topic Author
Posts: 16
Joined: Wed Mar 19, 2014 9:04 am
Location: Dhaka
Contact:

Re: Local DNS

Wed May 10, 2017 7:54 pm

I try this but not working
Abdul Kader Linkon
Network Engineer
CIS, MCSE, CWNA,CEH
Mikrotik Consultant
MUM Presenter
MTCRE, MTCNA
https://www.facebook.com/groups/mikrotikexperts/
 
cutedrummerboy
Member Candidate
Member Candidate
Posts: 137
Joined: Thu Nov 14, 2013 6:32 pm

Re: Local DNS

Wed May 10, 2017 8:15 pm

I try this but not working
after that you have to enable allow remote request in /ip dns and use your router ip address as your dns server ip in your pc.
Device: RB2011UIAS-RM, RB750GL, CISCO SG300-28, UNIFI UAP-LR

Who is online

Users browsing this forum: dave864, Kindis, Quasar, Zacharias and 87 guests