Hi friends.

I want to forwarding my raspberry pi telnet port over pppoe-out and noip. the noip script is working and I can access to winbox from outside but the telnet and other ports can't be forwarding.
( adsl modem set to bridge and in mikrotik set pppoe client )
please help

The traffic to internal network needs to be allowed in firewall too.
"from pppoe -> internal:23 acept"

But ARE YOU SURE you want to do it? Telnet is unencrypted / in the clear traffic -> any users + passes and any data passed will be visible to all...

The traffic to internal network needs to be allowed in firewall too.
"from pppoe -> internal:23 acept"

But ARE YOU SURE you want to do it? Telnet is unencrypted / in the clear traffic -> any users + passes and any data passed will be visible to all...

Im do it allow firewall but nothing

The nat rule and the firewall rule both have counters. Try clearing both counters and then perform a number of tries. This will validate that right rules are used or not. Are both rules executed?

Your nat rule should be matched first, redirecting the packets to 10.*. Next, when packets gets forwarded by router, from pppoe to 10.*, firewall rule needs to allow the traffic.

BTW, that firewall rule I was referring earlier, its in-interface=pppoe out-ifnterface=lan (your 10.* network) and chain=forward.

The traffic to internal network needs to be allowed in firewall too.
"from pppoe -> internal:23 acept"

But ARE YOU SURE you want to do it? Telnet is unencrypted / in the clear traffic -> any users + passes and any data passed will be visible to all...

Not necessary. NAT rule is enough.

Hi friends.

I want to forwarding my raspberry pi telnet port over pppoe-out and noip. the noip script is working and I can access to winbox from outside but the telnet and other ports can't be forwarding.
( adsl modem set to bridge and in mikrotik set pppoe client )

Code: Select all

ip firewall nat add chain=dstnat action=dst-nat in-interface=pppoe-out1 to-addresses=10.5.53.254 to-ports=23 protocol=tcp dst-port=23

please help

If you have classic firewall and nat, and you added this rule, all is gonna be fine. Did you change standart firewall and nat rules? If yes, show them safely.

The traffic to internal network needs to be allowed in firewall too.
"from pppoe -> internal:23 acept"

But ARE YOU SURE you want to do it? Telnet is unencrypted / in the clear traffic -> any users + passes and any data passed will be visible to all...

Not necessary. NAT rule is enough.

If nat rule was enough in his config, this thread woudn't have existed: nat rule is there already...
Something else is needed then.

I changed the telnet port to 44 and it's working. maybe the isp blocking this port. also sip port 5060 can't forward when chane sip to 65530 work like a charm

Sent from my C6833 using Tapatalk